Skill v1.0.6
ClawScan security
Md Web · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 28, 2026, 10:24 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements, files, and runtime instructions are coherent with its claimed purpose (uploading Markdown to a user-configured S3-compatible bucket and serving it via Docsify), but you should review the stored credentials and the resulting public URLs and treat both carefully before use.
- Guidance: This skill appears to do what it says: it uploads .md files to an S3-compatible bucket and serves them via a bundled Docsify server. Before installing or using it: (1) review the upload.js source yourself (it was not included inline here for full inspection) to confirm there is no hidden network telemetry or unexpected behavior; (2) only provide credentials scoped to the specific bucket and with minimal permissions (Object Read/Write rather than full account admin) unless you want automatic lifecycle rules; (3) understand that uploaded files will be publicly accessible — do not upload secrets or private content; (4) be aware that credentials are stored in plaintext at ~/.md-web/config.json, so secure that file (disk encryption, restrictive file permissions) or use a short-lived token; (5) if you need to avoid public hosting, do not enable the bucket's public access and do not use this skill. If you want higher confidence, paste the full upload.js implementation so it can be audited for network calls, credential handling, or any unexpected external endpoints.
Review Dimensions
- Purpose & Capability (ok): The name/description (publish Markdown as a web page) aligns with the included artifacts: a Node upload script (upload.js) and bundled Docsify assets. Requiring node and asking the user for S3-compatible credentials/endpoints is appropriate for this functionality.
- Instruction Scope (note): SKILL.md instructs the agent to read/write a user-local config (~/.md-web/config.json), create temporary files, and run node upload.js to upload the .md and deploy Docsify assets to the user's S3 endpoint. Those actions are within scope for publishing Markdown, but they involve storing credentials on disk and making uploaded files publicly accessible — both are explicitly documented in SKILL.md and should be understood by the user.
- Install Mechanism (ok): This is instruction-only (no install spec). Docsify assets are bundled locally and no external downloads are specified. That keeps the install surface small and predictable.
- Credentials (note): No environment variables are requested. The skill asks the user for S3 credentials (access_key/secret_key), endpoint, bucket, and public_url, which is appropriate for S3 uploads. However, credentials are stored in plaintext in ~/.md-web/config.json per SKILL.md, which is sensitive; use least-privilege API tokens and consider rotating them or scoping them to the bucket only.
- Persistence & Privilege (ok): always:false and user-invocable:true. The skill writes configuration to a user-scoped directory (~/.md-web/) and tracks deployment state (.deployed), which is expected for this use case and not an excessive system privilege.
