Skillv1.0.0

ClawScan security

Firm Suppliers Pack · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 3, 2026, 6:01 AM

Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's declared purpose (procurement and supplier management) aligns with its instructions and it requests no unusual credentials or installs, but it is instruction-only with no provenance — validate the required extension and outputs before relying on it.
Guidance: This skill appears internally consistent with procurement tasks and asks for nothing sensitive, but it's instruction-only and lacks provenance. Before using it: (1) verify the source and trustworthiness of the required mcp-openclaw-extensions (what network calls and data retention does it perform?); (2) perform human review of any generated procurement documents (SKILL.md itself warns this); (3) test the skill in a limited environment to confirm it doesn't request or access organization credentials or systems; and (4) if you plan to enable 'risk monitoring', confirm how the platform implements watches/alerts and what permissions (if any) it will need. If you cannot confirm the extension's behavior or the skill's provenance, treat outputs as advisory only and avoid connecting sensitive systems or secrets.

Review Dimensions

Purpose & Capability: okThe name, description, and the five tool names all map to procurement/supplier-management tasks. The only declared dependency is mcp-openclaw-extensions >= 3.2.0, which is plausible for providing helper primitives; there are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope: noteSKILL.md contains high-level, scoped instructions and example invocations for supplier search, evaluation, TCO, contract checks, and risk monitoring. It does not instruct the agent to read local files, environment variables, or transmit data to unexpected endpoints. However, the file is marked as 'IA-generated — human validation required' and provides no implementation — the actual behavior will depend entirely on the mcp-openclaw-extensions and the platform's skill runtime, so verify what that extension does (network calls, data retention, third-party APIs).
Install Mechanism: okNo install spec and no code files — instruction-only. This minimizes file-write and install risks because nothing is downloaded or executed by the skill itself.
Credentials: okThe skill requests no environment variables, credentials, or config paths. This is proportionate to the stated purpose for a guidance/analysis pack. If integrations with vendor APIs are later added, those should require explicit, minimal credentials.
Persistence & Privilege: okalways is false and the skill does not claim to modify other skills or system-wide settings. The 'risk_monitor' tool suggests continuous monitoring, but there is no install or persistent agent component declared — verify how monitoring is implemented by the platform/extension before granting long-lived access.