Skill v1.0.0
ClawScan security
Oasyce Vault · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 6:17 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions align with its stated purpose (a local data scanner) and request no unrelated permissions, but it relies on installing an external PyPI package, so you should verify that package before installing.
- Guidance: This skill is coherent: it tells the agent to install and run a local CLI that scans your files, which is what you'd expect. Before using it, verify the datavault package on PyPI (author, downloads, source code, release page) and install it in a contained environment (virtualenv/container) if possible. Be cautious when scanning sensitive directories (home, cloud sync folders, SSH keys, password stores) and avoid running scans with elevated privileges. If you plan to use the Oasyce registration flow, remember that registering assets may transmit metadata off your machine: confirm where data is sent and what gets uploaded.
Review Dimensions
- Purpose & Capability (ok): The name/description (local-first data asset scanner) match the SKILL.md: it tells the agent to install and run a datavault CLI to scan, classify, and report on local files. There are no unrelated env vars, binaries, or config paths requested.
- Instruction Scope (note): Instructions explicitly tell the user/agent to install the datavault package and run commands that read directories and files (scan, classify, report). Reading local files is expected for this purpose, but be aware that the tool will access file contents and metadata during scans. The README warns when not to use it and shows optional registration with Oasyce, but the skill does not itself instruct automatic exfiltration.
- Install Mechanism (note): This is an instruction-only skill (no install spec), but SKILL.md instructs to run `pip install datavault` (and an extra for oasyce). Relying on a third-party PyPI package is a normal choice for Python tools but increases supply-chain risk: the repository/package should be reviewed before installation.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The declared requirements match the described functionality (local scanning) and there are no unrelated secrets requested.
- Persistence & Privilege (ok): The skill does not request `always: true` and does not declare persistent system-wide changes. It's user-invocable, and agent-autonomous invocation is the platform default; nothing here signals elevated privileges or attempts to modify other skills.
