Skill v1.0.0
ClawScan security
Generate Managed IT Services Provider Client Education Handout · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 12:16 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (create MSP client handouts) matches its instructions, but small provenance and metadata inconsistencies plus an unexplained allowance for Bash merit caution before installing.
- Guidance: This skill appears to actually do what it claims (draft handouts with visuals) and has no declared credentials or installs — but before installing or running it:
  1) Verify provenance: the README's git clone references a different owner/slug than the registry metadata (qiaomu vs the registered toby owner); confirm the correct upstream repository and author.
  2) If you plan to run the README's manual install, inspect that GitHub repo and recent commits for unexpected code.
  3) Note that SKILL.md allows the Bash tool. While the instructions don't invoke shell commands, an enabled Bash tool would permit execution of arbitrary shell commands if the agent were instructed to use it; consider disabling shell execution or running the skill in a sandbox.
  4) Confirm image_generation/chat API usage and what data will be sent to them (avoid auto-submitting confidential client data).
  If you want higher confidence, ask the publisher for the canonical repo URL, a signed release, or a diff of any code you'd be asked to install.
Review Dimensions
- Purpose & Capability (note): The name, description, and instructions all align with producing client education handouts and visuals (uses chat and image_generation). However, the README install instructions reference a different GitHub owner/slug (qiaomu...) than the registry metadata (owner ID kn75aa..., slug toby...), and the SKILL.md homepage points to a generic skillboss URL. These provenance inconsistencies are unexpected for a simple instruction-only skill.
- Instruction Scope (ok): SKILL.md procedures are scoped to clarifying audience, drafting content, enriching assets via platform APIs, and refining output. It does not instruct reading system files, exfiltrating secrets, or calling arbitrary external endpoints beyond the declared chat and image_generation APIs.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files, minimizing install-time risk. The README includes manual clone instructions referencing a third-party GitHub repo; if you follow those instructions you would be downloading external code, so verify the repo first.
- Credentials (ok): The skill declares no required environment variables, credentials, or config paths. SKILL.md references only platform capabilities (chat, image_generation). There is no apparent request for unrelated secrets or system credentials.
- Persistence & Privilege (ok): always is false and autonomy is allowed (the platform default). The skill does not request persistent system privileges or modifications to other skills. No elevated persistence flags are present.
