Skill v2.1.1

ClawScan security

Ravi contacts · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 8, 2026, 5:46 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and runtime instructions are consistent with a simple contact-management integration and do not ask for unrelated credentials or installs.
Guidance
Functionally this skill appears coherent and minimal: it manages contacts and integrates with other ravi skills. Before installing, note that (1) the skill source/homepage is unknown — trust and provenance are limited, (2) contacts are stored in plaintext per the docs, so do not put passwords or API keys in contact fields, and (3) the skill will be used alongside your email/SMS workflows (ravi-inbox, ravi-email-send), so check permissions and data flows for those skills as well. Because it is instruction-only, it does not install code on disk, but the agent may invoke CLI commands at runtime — ensure you only grant this skill to agents you trust.

Review Dimensions

Purpose & Capability
ok
Name and description match the SKILL.md: all commands, JSON shapes, and integration notes relate to listing, searching, creating, updating, and deleting contacts. Nothing in the skill requests unrelated permissions, binaries, or environment variables.
Instruction Scope
ok
Runtime instructions are focused on invoking the ravi contacts CLI and on resolving recipients before sending messages. They do not direct the agent to read arbitrary files, environment variables, or external endpoints beyond the documented API reference and related ravi skills. The guidance to 'always search contacts first' is a scoped behavioral rule, not an open-ended data collection instruction.
Install Mechanism
ok
This is an instruction-only skill with no install spec and no code files, so nothing is downloaded or written to disk by the skill itself.
Credentials
ok
No environment variables, credentials, or config paths are requested. The SKILL.md explicitly warns not to store passwords or API keys in contacts and references separate ravi-passwords/ravi-secrets skills for secrets, which is proportionate.
Persistence & Privilege
ok
The skill is not always-enabled and does not request elevated persistence. Model invocation is allowed (the platform default), which is expected for user-invocable skills and is not excessive here.