v0.1.0

Find Skills (Robin's Fork)

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:24 AM.

Analysis

This instruction-only skill is aligned with helping users find skills, but it can guide the agent to install third-party skills globally, so users should approve and verify installs.

Guidance

Before allowing this skill to install anything, verify the exact owner/repo@skill, review the linked source or skills.sh page, and consider running the install manually without `-y`. The skill is coherent and instruction-only, but global skill installs persist and can change future agent behavior.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium; Confidence: High; Status: Note
SKILL.md
npx skills add <owner/repo@skill> -g -y ... The `-g` flag installs globally (user-level) and `-y` skips confirmation prompts.

This is purpose-aligned for a skill installer, but it gives the agent a direct path to change the user's installed skill set globally and bypass the CLI's confirmation prompts after the user indicates they want to proceed.

User impact: A mistaken or insufficiently reviewed install could add persistent agent behavior the user did not fully understand.
Recommendation: Require explicit confirmation of the exact skill package before installing, show the source link, and consider omitting `-y` so the user can see confirmation prompts.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
SKILL.md
`npx skills add <package>` - Install a skill from GitHub or other sources

The intended workflow installs third-party skills from external sources. That is expected for this skill's purpose, but package identity and maintainer trust matter.

User impact: Installing an untrusted or incorrect third-party skill could introduce unwanted instructions or capabilities into the agent.
Recommendation: Review the skills.sh page or source repository for the exact package before installation, and prefer trusted maintainers or pinned versions where available.