Skillv0.2.11

ClawScan security

MetriLLM · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 5, 2026, 2:13 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and instructions are coherent with its stated purpose (benchmarking local LLMs); nothing requested is disproportionate, though the user should review the npm package and the optional leaderboard sharing before installing.
Guidance: This skill is coherent for benchmarking local LLMs, but take two precautions before installing: (1) review the npm package / GitHub repo (https://github.com/MetriLLM/metrillm) or audit the package contents before running npm install -g, since global npm installs execute third-party code on your machine; (2) only use --share if you consent to publishing model names, scores and hardware details (the README says no personal data is sent, but verify what the package actually uploads). Also ensure you have Node 20+ and run Ollama or LM Studio locally as instructed.

Review Dimensions

Purpose & Capability: okThe name/description match the instructions: it tells you how to install the metrillm CLI, requires Node 20+ and a local LLM server (Ollama or LM Studio), and runs benchmarking commands. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope: noteInstructions stay within the benchmarking scope (run metrillm bench, view local ~/.metrillm/results/). One caution: the optional --share command uploads results (model name, scores, hardware specs) to metrillm.dev; the SKILL.md states no personal data is sent, but that claim cannot be verified from instructions alone. The skill does not instruct access to unrelated files or env vars.
Install Mechanism: noteInstallation is via npm (npm install -g metrillm) which is a standard delivery for a Node CLI. npm installs are moderate-risk because they execute third-party code on your system; this is proportionate to the stated purpose but you should inspect the package or source repository before global installation.
Credentials: okNo environment variables, credentials, or config paths are required. The only data potentially exported is from the explicit --share action (model, scores, hardware specs), which is reasonable for a community leaderboard.
Persistence & Privilege: okThe skill is not always-enabled and is user-invocable. It does not request persistent elevated privileges or modify other skills. Autonomous invocation is permitted by default (normal), but nothing in the skill attempts to gain extra persistence.