Back to skill
Skillv1.0.0
ClawScan security
A2A Agent Lookup — Verify Any AI Agent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 26, 2026, 10:30 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, requirements, and scope are consistent with its stated purpose (looking up A2A agent cards on rnwy.com); it asks for no credentials and performs only straightforward HTTP GET lookups.
- Guidance
- This skill is coherent and lightweight: it performs public HTTPS GET requests to rnwy.com to retrieve agent cards and lists, and it requires no secrets. Before installing, verify you trust rnwy.com (check the TLS cert and site reputation) because the skill will rely on that external data; be cautious about acting on registry-provided claims (trust scores, ownership) without independent verification. Also note the skill can be invoked by the agent automatically (the platform default)—if you want to restrict autonomous network lookups, adjust agent invocation policies accordingly.
Review Dimensions
- Purpose & Capability
- okName/description promise (A2A agent lookup, registry browsing) aligns with the SKILL.md: all runtime actions are HTTP GET requests to rnwy.com endpoints and the registry API. No unrelated credentials, binaries, or filesystem access are requested.
- Instruction Scope
- okSKILL.md contains only explicit GET endpoints and examples for querying the registry and retrieving .well-known/agent-card.json files. It does not instruct the agent to read local files, environment variables, or transmit data to other endpoints.
- Install Mechanism
- okInstruction-only skill with no install spec and no code files—nothing is written to disk or executed locally as part of installation.
- Credentials
- okNo environment variables, credentials, or config paths are required. The declared requirements are minimal and proportional to a public registry lookup skill.
- Persistence & Privilege
- okSkill is not set to always: true and does not request elevated or persistent privileges. It can be invoked by the agent (default), which is appropriate for this type of lookup skill.