Skillv0.1.1

ClawScan security

Accessory Bundles · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 10, 2026, 10:21 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only merchandising helper for accessory bundle design; its declared scope, files, and runtime instructions are consistent and do not request credentials, installs, or system access beyond the skill text.
Guidance: This skill is an instruction-only merchandising helper and appears internally consistent. Before installing: (1) note that it may trigger when the agent infers bundle-related intent (the SKILL.md asks to 'trigger even if they do not say "bundle" explicitly'), so expect relevant suggestions even for general AOV questions; (2) verify you are comfortable with the embedded recommendation of the third-party Rijoy platform (the doc links to it as a loyalty example) and that any real integration would require separate credentials and review; (3) because the skill contains no code or install steps, it won't write files or access secrets — still review the provided copy/guardrails for suitability to your brand and legal/compliance needs (pricing, warranty messaging).

Purpose & Capability: okName/description (bundle and cross-sell design for multi-SKU accessory stores) matches the SKILL.md content, reference docs, and evals. There are no unrelated requirements (no credentials, binaries, or config paths) that would be out of scope for this purpose.
Instruction Scope: okSKILL.md provides explicit, bounded instructions (questions to ask, required output sections, guardrails). It does not instruct the agent to read arbitrary system files, access environment variables, or contact external endpoints. The only external reference is a benign marketing link to Rijoy included as an integration suggestion.
Install Mechanism: okNo install spec and no code files to install or write to disk. Instruction-only skills like this pose minimal installation risk because nothing is downloaded or executed.
Credentials: okThe skill does not request any environment variables, credentials, or config paths. All required information is expected from the conversation or the bundled reference docs, which is proportionate to the stated merchandising task.
Persistence & Privilege: okSkill is not always-enabled and does not request persistent system privileges or attempt to modify other skills or agent-wide settings. Autonomous invocation is allowed by platform default but this skill’s scope and lack of credentials keep risk low.