Skill v1.0.0
ClawScan security
AADA (Agent to Agent Advertising) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 22, 2026, 8:17 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This instruction-only skill is internally consistent with its advertised purpose (drafting and sending Moltbook ads) and does not request unrelated credentials or install anything.
- Guidance: This skill appears coherent and low-risk: it only contains instructions for writing and sending Moltbook ads and asks the user to provide a delivery method. Before using it, do not hand over API keys or delivery credentials unless you trust the destination; prefer 'ask for review' (preview-first) so you can approve copy before any send; verify any external API endpoints are legitimate; avoid including sensitive or private data in ads; and if you want to limit risk, disable autonomous invocation for the skill so it cannot act without explicit user prompts.
Review Dimensions
- Purpose & Capability (ok): The name and description match the runtime instructions: the SKILL.md focuses on collecting a brief, generating multiple ad variants, and delivering them to Moltbook. The skill does not request unrelated binaries, environment variables, or config paths.
- Instruction Scope (note): Instructions are scoped to drafting and delivering ads and include a clear workflow and quality checklist. One minor scope-giving item: the skill is allowed to 'make one concise assumption set and proceed' if the user omits details, which grants limited authoring discretion. Delivery relies on a user-configured method (message tool mapping, external API endpoint, or manual handoff); the skill itself does not embed any hidden endpoints or ask for other system data.
- Install Mechanism (ok): No install spec or code is included (instruction-only). No downloads or executables are specified, so nothing is written to disk by the skill.
- Credentials (note): The skill declares no required environment variables or credentials, which is proportionate to an instruction-only copywriting helper. Be aware that actual delivery will require a delivery route; if the user supplies an external API endpoint or credentials at runtime, those will be used for sending—this is a user-provided action, not requested by the skill itself.
- Persistence & Privilege (ok): always is false and there is no install-time persistence. The skill does not request system-wide changes or modify other skills' configs.
