Skill v1.0.0
ClawScan security
App Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 8:49 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, required tools, and actions are consistent with its stated purpose of creating, editing, and deploying Instant-backed apps; it primarily uses developer CLIs (npx, gh, vercel) and works inside ~/apps as described.
- Guidance
- This skill appears coherent for building and deploying Instant-backed apps, but it will operate with whatever GitHub/Vercel CLI logins and local files (including .env) are available. Before enabling: 1) ensure you want an agent to create repos, commit code, and push to main on your behalf; 2) prefer using test repositories or limited-permission accounts if you don't want the agent to affect production repos; 3) review any .env values before allowing the agent to push them to Vercel (they may contain sensitive secrets); 4) confirm you are comfortable with the agent using your gh/vercel CLI sessions (it will prompt you if it cannot access them). If any of these are unacceptable, do not enable the skill or restrict the agent to a sandboxed account/repo.
Review Dimensions
- Purpose & Capability
- ok: Name/description match the runtime instructions: the SKILL.md describes generating an Instant app, creating a GitHub repo, and deploying to Vercel using npx instant-cli, gh, and vercel. The skill does not request unrelated binaries or credentials in its metadata; the workflows it prescribes align with the stated purpose.
- Instruction Scope
- note: Instructions direct the agent to read repo-level AGENTS.md files and local project files under ~/apps, create and capture an Instant app token/appId, run CLIs, commit/push to GitHub, and push env vars from a local .env to Vercel. Reading project files and .env is expected for development, but .env may contain unrelated secrets; users should be aware the agent will be instructed to read and push those values to Vercel.
- Install Mechanism
- ok: This is instruction-only with no install spec and no code files, so nothing is downloaded or written by the skill itself. Risk from the install mechanism is low.
- Credentials
- note: The skill does not declare required env vars or credentials, but its workflow requires active CLI authentication to GitHub and Vercel and the creation/handling of an Instant token. This is proportionate to its purpose; however, the skill will operate using whichever user credentials are present (CLI login), so users should confirm they want the agent to use those accounts and push to the target repos.
- Persistence & Privilege
- ok: The skill's always flag is false, and the skill does not request persistent system-wide privileges or modify other skills. It directs normal developer operations within project directories and does not demand broader system changes.
