Skill v0.1.5

ClawScan security

VeridicusScan MCP Analyst · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 17, 2026, 7:09 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions match its stated purpose (using a local VeridicusScan MCP bridge to scan URLs, files, and prompts); nothing requested or installed is disproportionate or unexplained.
Guidance
This skill appears coherent for use with a local VeridicusScan MCP bridge. Before installing or invoking it:
(1) Confirm your client/runtime provides a local MCP bridge and that you trust that process — the skill will direct prompts/files to that bridge for scanning. If the bridge is remote or managed by a third party, sensitive data could leave your environment.
(2) Ensure you understand how the client discovers/authenticates the MCP bridge (the skill itself declares no credentials).
(3) Note that allow_implicit_invocation may let the agent suggest this skill automatically — if you want explicit consent for every use, review platform invocation policies.
If needed, provide the MCP bridge's connection details or the client's documentation so the skill can be evaluated in context.

Review Dimensions

Purpose & Capability
ok
The name/description (MCP analyst for VeridicusScan) aligns with the instructions: methods like scan_url, scan_file, scan_text, and runtime-defense flows are all relevant and expected. The skill does not request unrelated credentials, binaries, or system paths.
Instruction Scope
note
The SKILL.md expects a local VeridicusScan MCP bridge to be available and instructs the agent to call MCP methods (open_session, scan_file, scan_url, scan_text, etc.). This is coherent, but the instructions assume the client runtime provides those MCP methods and file-access plumbing; the skill does not declare how the bridge is discovered or authenticated. Verify the host/client MCP connector's behavior (local vs remote) before sending sensitive files or secrets.
Install Mechanism
ok
Instruction-only skill with no install spec and no code files — minimal disk footprint and no automatic downloads. Low install risk.
Credentials
ok
No environment variables, credentials, or config paths are requested. That matches the skill's role as a connector to an existing MCP bridge rather than a standalone service requiring secrets.
Persistence & Privilege
note
always:false and no install actions. The agents/openai.yaml sets allow_implicit_invocation: true, which permits implicit invocation when the platform's policy allows it. This is not inherently problematic, but users should be aware the skill can be suggested/selected by the agent if the platform permits implicit invocation.