Skill v0.0.1

ClawScan security

zenn · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 23, 2026, 10:02 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The SKILL.md aligns with a Zenn+GitHub drafting/publishing workflow, but the package metadata omits required binaries/credentials and the skill recommends installing npm packages—this mismatch is concerning and should be clarified before installing.
Guidance
This skill's instructions are coherent for publishing Zenn articles, but the registry metadata is incomplete: SKILL.md expects git, node/npm/npx and the ability to push to a GitHub remote (SSH key or token). Before installing/using:
1) Confirm you have node/npm and git available and understand that npm install will fetch and run third-party package code (audit package versions and consider using a lockfile).
2) Be aware that git push/PR requires GitHub credentials; only run pushes from repos you trust and where credentials are managed securely.
3) Verify the origin of this skill (source/homepage unknown) and prefer skills with a known upstream or source code.
4) If you need stronger assurance, run the workflow in an isolated environment or inspect the zenn-cli package contents first.
If the maintainer can update metadata to list required binaries and note the implicit need for repo credentials, the inconsistency would be resolved.

Review Dimensions

Purpose & Capability
concern: The skill's description (publish Zenn via a GitHub repo) matches the instructions. However, the registry metadata claims no required binaries or env vars while the runtime instructions explicitly call out git, npm/npx, and pushing to a GitHub remote. Declaring none of those requirements in metadata is inconsistent.
Instruction Scope
note: SKILL.md stays on-topic: it instructs creating articles in articles/, previewing with zenn-cli, and using Git/PR workflows. It does not ask the agent to read unrelated system files or exfiltrate data. It does, however, instruct running npm install and npx (which execute code) and performing git push/PR operations that will use repository credentials.
Install Mechanism
ok: This is an instruction-only skill (no install spec). The workflow recommends installing zenn-cli via npm in the repo, which is a normal approach. Note: npm install can run package scripts and retrieve packages from the public registry; this is expected but carries the usual npm supply-chain considerations.
Credentials
concern: The skill declares no required env vars or binaries, but the instructions implicitly require: git, node/npm/npx on PATH, and authentication to push to GitHub (SSH keys or a token). The omission of these dependencies/credentials from metadata is a proportionality mismatch and an information gap the user should be aware of.
Persistence & Privilege
ok: The metadata field "always" is false and there is no install-time modification of other skills or global agent settings. The skill does not request persistent elevated privileges beyond normal repo operations.