ClawHub
Back to skill
v1.0.0

Mcp Review

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:13 AM.

Analysis

This is a read-only MCP tool-design review skill; it may search and read project files, and it allows helper-agent use, but the artifacts show no code execution, credential access, or data mutation.

GuidanceThis skill appears safe for its stated purpose. Before installing, note that it is designed to read and search MCP-related project files, including mock-data files, so use it on the intended repository and avoid pointing it at files containing secrets or real personal information.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
通过 Glob 查找 `**/*server*.py` 或包含 `@mcp.tool()` 的文件 ... 审查时读取完整的 server 文件 + formatter 文件 + mock_data 文件

The skill directs the agent to search for and read multiple local project files. This is appropriate for MCP tool-definition review, but it means source and mock data may enter the review context.

User impactThe skill may inspect more than the single file the user had in mind if it searches the workspace for MCP server-related files.
RecommendationUse it in the intended project directory or provide exact file paths, and avoid including secrets or real personal data in mock files.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityInfoConfidenceMediumStatusNote
SKILL.md
allowed-tools: Read, Glob, Grep, Agent

The skill permits use of an Agent tool. The artifacts do not require helper-agent use or show persistence/exfiltration, but delegation could pass reviewed code context to another agent.

User impactIf helper-agent delegation is used, parts of the reviewed project context could be shared within that agent workflow.
RecommendationIf you want a single-agent review, disable or avoid Agent delegation; otherwise keep the review scope limited to files you are comfortable sharing with the agent context.