Skill v0.0.28
ClawScan security
Shop · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 7, 2026, 2:01 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's described capabilities (search, buy, track, return, re-order) align with its instructions and it requests no extra credentials or installs; nothing in the SKILL.md suggests unexpected or unrelated access.
- Guidance
- This skill appears coherent for shopping tasks. Before installing, confirm the runtime can perform network calls, fetch images, and store tokens only in ephemeral conversation memory (not persistent logs or files). Verify the shop.app endpoints are legitimate and that you are comfortable completing sign-in via the device-code URL shown in your browser. Do not paste tokens into chat (the skill also forbids this). If you plan to complete purchases, confirm checkout redirects/URLs go to expected merchant pages and handle payment information in a secure, trusted browser environment.
Review Dimensions
- Purpose & Capability
- ok: Name and description match the instructions: search endpoints, similar-product queries, order tracking and an OAuth device flow for authenticated operations. No unrelated binaries, env vars, or config paths are requested.
- Instruction Scope
- ok: Runtime instructions stay within shopping scope: calling shop.app endpoints for search, similarity, auth and order operations; performing image downloads/base64 encoding for similarity; and storing access/refresh tokens in ephemeral conversation memory. The doc explicitly forbids asking users to paste tokens. The instructions do require networking and the ability to poll the device-token endpoint — ensure your runtime permits that.
- Install Mechanism
- ok: Instruction-only skill with no install spec and no code files, so nothing is being written to disk or downloaded during install.
- Credentials
- ok: The skill declares no required environment variables or credentials. The only secrets used are OAuth tokens obtained via device flow, and the doc instructs that they be stored only in ephemeral session memory — this is proportionate to order-tracking features.
- Persistence & Privilege
- ok: always is false and autonomous invocation is allowed (platform default). The skill requests ephemeral session storage for tokens (normal). It does not request permanent system presence or modify other skills or system-wide settings.
