Skill v1.0.1

ClawScan security

Banking Brief · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 11, 2026, 2:41 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its described purpose (generate a CNBV-focused PDF brief via a Telegram bot); it only requires a Telegram bot token and ReportLab/python-telegram-bot libraries and does not attempt unexpected file reads or network exfiltration.
Guidance
This skill appears to be what it claims: a Telegram bot that builds a CNBV-focused PDF brief and returns it in chat. Before installing:
1) Verify and correct the registry metadata (ensure TELEGRAM_BOT_TOKEN is declared as the primary credential).
2) Review the included Python files yourself (they are short and readable) and confirm that generar_brief_pdf exists in generate_brief.py as expected.
3) Only provide a bot token you control, and add the bot only to the intended chats; the token grants the bot access to messages in every chat it is a member of.
4) Install the dependencies in a virtualenv or container (pip install reportlab python-telegram-bot) rather than system-wide; avoid running with --break-system-packages unless you understand its effects.
5) Consider running the bot on an isolated host, and rotate the token if it is ever exposed.

Review Dimensions

Purpose & Capability
note: The skill is a Telegram bot that parses CNBV indicators and builds a PDF; the TELEGRAM_BOT_TOKEN requirement and the imported libraries align with that purpose. However, the registry metadata shows a malformed entry for required env vars ([object Object]) and lists no primary credential, while SKILL.md and the code clearly require TELEGRAM_BOT_TOKEN. This is a metadata inconsistency that should be corrected.
Instruction Scope
ok: SKILL.md and the two Python files limit behavior to parsing user-sent text, generating a PDF locally (/tmp), and sending it back to the Telegram chat. The runtime instructions do not ask the agent to read unrelated files, access other environment variables, or transmit data to any external endpoint other than Telegram's API (via python-telegram-bot).
Install Mechanism
note: There is no automated install spec in the registry; only instruction-only install steps are provided, in SKILL.md and in the telegram_handler docstring (pip install reportlab python-telegram-bot). Requiring pip packages is expected for this functionality, but the skill does not provide an automated, vetted install manifest, so the user will run pip themselves. The telegram_handler docstring suggests the flag --break-system-packages, which is a local packaging detail; it is not intrinsically malicious but should be used cautiously on some systems.
Credentials
note: The code requires a single credential (TELEGRAM_BOT_TOKEN), which is proportional to a Telegram bot. There is a registry/metadata mismatch: the manifest shown to the evaluator lists required env vars as '[object Object]' and 'Primary credential: none', which contradicts SKILL.md and the code. Confirm the registry metadata before installation so you know which credential is expected.
Persistence & Privilege
ok: The skill does not request permanent/always-on inclusion or modify other skills or system configs. It runs as a normal bot process and writes temporary PDF files to /tmp; no elevated privileges or persistent system-wide changes are attempted.