Skillv1.0.0

ClawScan security

Web Scraper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 13, 2026, 11:20 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's instructions, requirements, and behavior are internally consistent with a web-scraper — it is an instruction-only scraper template with no unexpected credential or install requests.
Guidance: This skill is an instruction-only web-scraper and appears coherent and low-risk from the manifest (no installs, no credentials). Before using it, consider: 1) legal/ethical risk — ensure you have rights to scrape a target and respect robots.txt and TOS; 2) scope control — restrict crawling to specific allowlists and set conservative depth/rate limits to avoid accidental broad crawls or DOS; 3) sensitive targets — do not allow the agent to crawl internal/private URLs or sites requiring authentication unless you trust the outcome; 4) data exfiltration risk — although the skill does not request credentials, scraped data could still be transmitted elsewhere by the agent/platform, so review platform network/output policies; and 5) testing — try on a small, public test site first. If you want stronger guarantees, require explicit user confirmation for any multi-page crawl and add an allowlist/denylist enforcement step in the SKILL.md or platform policy.

Purpose & Capability: okName and description match the SKILL.md. Requested capabilities (data extraction, formats, rate-limiting, proxy support, robots.txt) are appropriate for a web scraper and there are no unrelated environment variables, binaries, or install steps.
Instruction Scope: noteThe SKILL.md is high-level and describes typical scraping commands and best practices (respect robots.txt, rate limits, UA rotation). It does not instruct reading local files or environment variables, nor does it point to unexpected external endpoints. However, it is intentionally permissive (e.g., 'crawl [website] depth [n]') and lacks enforcement of safeguards—so an agent using this skill could be directed to crawl wide ranges of sites unless additional runtime limits or confirmations are imposed.
Install Mechanism: okNo install spec and no code files are present, so nothing is written to disk and there is no third-party package download risk.
Credentials: okNo environment variables, credentials, or config paths are requested. The lack of declared secrets is proportional to an instruction-only scraper.
Persistence & Privilege: okalways is false and the skill does not request persistent or elevated privileges. It does not attempt to modify other skills or system-wide settings.