Skill v1.0.1
ClawScan security
Email Importance Content Analysis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 4:49 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only email triage guideline that is internally consistent with its stated purpose and does not request unexpected credentials or install code.
- Guidance: This skill is a set of safe, sensible triage instructions and appears coherent. Before installing or using it: (1) Confirm whether you want manual use (paste an email for analysis) or automated access — automated fetching would require mailbox credentials, which this skill does not declare. (2) Never supply broad OAuth tokens or mailbox credentials unless you trust the skill owner and understand exactly what will be accessed. (3) Test the skill on non-sensitive emails first. (4) Ask the publisher to clarify what 'gog `gmail get`' refers to and whether any automation would attempt to access your mailbox or send data to external services.
Review Dimensions
- Purpose & Capability: ok. The name/description match the SKILL.md: it explains subject-first triage, when to do technical checks (SPF/DKIM/DMARC/links/attachments), content analysis, and recommended next steps. The skill does not ask for unrelated credentials or system access that would be inconsistent with email triage.
- Instruction Scope: note. Instructions stay within email-triage scope (subject/sender check, optional header inspection, link/attachment caution, out-of-band verification). They do not direct the agent to read unrelated files, environment variables, or to transmit data to arbitrary endpoints. Minor ambiguity: SKILL.md mentions obtaining raw headers via mailbox UI or via 'gog `gmail get`' — if an automation used that command it would require mailbox API access, but the skill does not declare or request such credentials.
- Install Mechanism: ok. No install spec and no code files — instruction-only skills have minimal install risk and nothing is written to disk or downloaded.
- Credentials: note. The skill declares no required environment variables or credentials, which is proportionate for a guidelines-only skill. Be aware: fully automated execution that fetches headers or emails would require mailbox credentials (OAuth/API tokens), but those are not requested here — so automated fetching is not supported by the skill as-declared.
- Persistence & Privilege: ok. `always` is false and the skill does not request persistent agent configuration or elevated platform privileges. Default autonomous invocation (disable-model-invocation=false) is normal and not problematic by itself.
