Skill v1.0.0

ClawScan security

Parental Controls · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 21, 2026, 5:35 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's description (monitoring, real-time alerts, email reports, content filtering) is not supported by the provided instructions — required installation steps, integrations, and credentials are missing or vague, so it is unclear how it would actually perform those functions.
Guidance
Do not install yet. The skill claims to monitor children and send alerts but gives no concrete install steps, no source URL, and no information about where data flows or which credentials/services it uses. Before installing, ask the publisher for: (1) a verifiable source or package URL (with checksum) and source code or binary; (2) clear details on what data is collected, where it is stored/transmitted, and which third-party services are used (email/SMS providers, cloud backends); (3) required credentials or device agents and how they are secured; (4) privacy and legal handling of sensitive categories (CSAM, self-harm), including mandatory reporting behavior; and (5) an auditable installation and uninstall procedure. If the publisher cannot provide these, treat the skill as unsafe to install. Additional evidence that would change this assessment: a concrete, auditable installer (URL + checksum or repository), explicit declared env vars/credentials and their purpose, and a privacy/security whitepaper explaining data flows and legal safeguards.

Review Dimensions

Purpose & Capability
concern
The skill claims full parental-control functionality (real-time alerts, content filtering, screen-time enforcement, email reports) yet the SKILL.md provides no concrete integrations, required binaries, or credentials. A real parental-control system would typically need device/network hooks, email/SMS provider credentials, or cloud services — none are declared. This mismatch suggests the description is incomplete or misleading.
Instruction Scope
concern
The runtime instructions are very high-level and vague: they list features and a JSON config snippet but do not explain how the agent obtains child activity data, enforces screen time, or sends alerts. The doc references sensitive categories (csam, self-harm, high-nsfw) without guidance on reporting, handling, or legal/ethical safeguards. The single actionable line 'Download from ClawHub' is underspecified and gives the agent broad discretion.
Install Mechanism
concern
There is no install spec and no code files — lowest-risk in principle — but the SKILL.md's instruction to 'Download from ClawHub' is ambiguous (no URL, no checksum, no package name). That lack of a concrete, auditable install mechanism is a red flag for a skill that claims to monitor systems and transmit alerts.
Credentials
concern
No environment variables, credentials, or config paths are declared, yet the skill indicates it will send weekly emails and real-time alerts and manage device controls. Email/SMS providers, admin credentials for endpoints, or device agents would normally be required. The absence of declared secrets is disproportionate to claimed capabilities and hides how/where data would be sent.
Persistence & Privilege
note
The skill does not request elevated platform privileges or 'always: true' and is not set to modify other skills. However, because it deals with ongoing monitoring and real-time alerts, any real implementation would need persistent access somewhere (device agents, cloud service). The current manifest does not show how persistence would be achieved or controlled.