Skill v1.0.0
ClawScan security
Generate Travel Hospitality Ad Creative Brief · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 4:40 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: Instruction-only skill that sticks to creating ad creative briefs and image-generation, with no requested credentials or installs, though provenance and a couple of vague references merit review before use.
- Guidance: This skill appears to do what it says: draft ad creative briefs and call image-generation. Before installing or invoking it: 1) verify the skill's provenance (README references a different repo/slug than the registry entry), 2) confirm which image-generation provider and SkillBoss capabilities the agent will call (to understand downstream permissions and costs), 3) avoid providing any sensitive credentials or proprietary customer data to the skill, and 4) if you permit autonomous invocation, be aware the agent could call other skills per the vague 'use relevant SkillBoss capabilities' instruction — review those other skills' permissions first. The absence of scan findings is not a guarantee of safety; provenance checks and a quick manual review are recommended.
Review Dimensions
- Purpose & Capability (note): The skill's name, description, and declared APIs (chat, image_generation) align with creating travel/hospitality ad creative briefs. However, README and install instructions point to a different author/repo slug (qiaomu...) than the registry owner/slug (toby...), which is a provenance mismatch worth checking.
- Instruction Scope (note): SKILL.md stays within scope: clarifies audience/goal, drafts briefs, and suggests using SkillBoss capabilities and image_generation. The only broad element is the instruction to 'use the relevant SkillBoss capabilities' which is vague and could allow the agent to call other skills; SKILL.md does not instruct reading local files, env vars, or transmitting data to unknown endpoints.
- Install Mechanism (ok): No install spec and no code files — lowest-risk, instruction-only skill. README suggests cloning a GitHub repo for manual install; the repo owner slug differs from the registry metadata, so verify the source before manually installing.
- Credentials (ok): The skill requests no environment variables, no credentials, and no config paths — access requests are minimal and proportionate to its stated purpose.
- Persistence & Privilege (ok): always:false and normal autonomous invocation allowed (disable-model-invocation:false). The skill does not request persistent system presence or modifications to other skills' configurations.
