Skill v1.0.0

ClawScan security

Card Benefits Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Feb 27, 2026, 8:30 AM)
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, instructions, and data files are coherent with its stated purpose (tracking card benefits) and do not request unrelated credentials or perform network/exfiltration; it operates entirely on local JSON files via included CLI tools.
Guidance
This skill appears coherent and limited to local bookkeeping for credit-card perks. Before installing or running it, consider the following:
- It executes local Python scripts that read and write JSON files inside the skill directory, so the agent (or any user process that runs the scripts) will have read/write access to those files — back up cards.json and your data/*.json files first.
- The SKILL.md uses absolute paths tailored to a specific runtime (/home/node/.openclaw/…, /Volumes/docker/…). Verify and update the paths if your environment differs so the scripts run against the intended files.
- The repository includes executable Python code (api/cli.py and generate_report.py). Review those files if you want to confirm their behavior; they do not perform network calls or request secrets, but they will modify local files when invoked.
- There are some minor code/format fragilities (e.g., a truncated snippet and typos in the listing you were shown) that could cause runtime errors — run it in a safe environment first.
- If you plan to store real card account numbers or sensitive financial credentials, do not put them in these JSON files; this skill is designed for metadata (benefit names, amounts, renewal months), not for card numbers or authentication tokens.
If you accept those caveats, this skill is internally consistent with its stated purpose.

Review Dimensions

Purpose & Capability: ok
Name/description (tracking credit-card benefits) matches what is included: a card catalog, monthly tracking files, a CLI for CRUD operations, and a report generator. No unrelated credentials, binaries, or external services are required.
Instruction Scope: note
SKILL.md constrains all data mutations to the included CLI (api/cli.py) and documents paths and schemas. That is appropriate for preventing file corruption, but the instructions reference absolute environment paths (e.g., /home/node/.openclaw/..., /Volumes/docker/...) which are environment-specific and may be inconsistent. The SKILL.md's prohibition on direct edits is a policy choice (not a security problem), but the agent or user must still be allowed to run the local Python CLI to make changes.
Install Mechanism: ok
No install spec — instruction-only with bundled Python scripts and data files. No downloads, remote code fetches, or package installs are performed by the skill.
Credentials: ok
The skill requires no environment variables, no credentials, and no config paths outside its own skill directory. All file I/O is limited to the skill's directory (cards.json and data/*.json).
Persistence & Privilege: ok
The skill's always flag is false and it does not request persistent system-wide privileges. It writes/updates files only within its own skill folder using atomic writes, which is expected for this use case.