Skill v1.0.0

ClawScan security

Snyk Skill Scanner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 4, 2026, 3:38 AM

Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill is internally coherent — it is an instruction-only wrapper that runs an external Snyk agent scanner to audit skills and agent components, requests no credentials, and does not modify system state — but it explicitly runs external code and suggests installing utilities via curl|sh, so verify sources before use.
Guidance: This skill is coherent for its stated purpose, but it relies on fetching and running third-party tooling at scan time. Before you use it:
1) verify the authenticity of uvx/uv and snyk-agent-scan (check official project pages, release signatures, and the GitHub repository referenced);
2) avoid piping unknown curl scripts into sh; prefer package managers or audited install steps;
3) run scans from a least-privilege or isolated environment if possible;
4) review scan results carefully before taking automated remediation steps.
If you need higher assurance, ask the skill author for a pinned release URL or signed binary rather than using @latest.

Review Dimensions

Purpose & Capability
ok: The name/description (Snyk Skill Scanner) matches the instructions: it tells the agent operator how to run snyk-agent-scan via uvx to scan skills and MCP servers. All declared metadata (no env, no binaries, no install spec) is consistent with an instruction-only scanning helper.
Instruction Scope
note: SKILL.md stays on-topic: it instructs running uvx snyk-agent-scan against skill and MCP paths and shows expected outputs. It references common skill paths and offers flags like --skills and --json. It explicitly notes that it executes external code (snyk-agent-scan via uvx), which is appropriate for a scanner but expands runtime trust requirements — the user/agent will fetch and run third-party code.
Install Mechanism
concern: There is no formal install spec in the skill, but the docs instruct using uvx to fetch snyk-agent-scan@latest and provide bootstrap instructions for uv that include a curl | sh installer (astral.sh). Both uvx and uv will download/execute external code at runtime; recommending curl | sh is a moderate risk vector. This is expected for a tool that runs external scanners, but users should verify sources and prefer vetted package managers or signed releases.
Credentials
ok: The skill requests no environment variables, no credentials, and no special config paths. That is proportionate for a read-only scanning helper that runs an external scanner and reports findings.
Persistence & Privilege
ok: The skill sets always:false and requests no install steps or file writes. It does not demand persistent presence or modify other skills' configurations.