Skill v1.0.0
ClawScan security
OPC Framework · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 21, 2026, 1:28 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: An instruction-only multi-skill framework for solo founders that is internally consistent: it contains guidance for ideation, development, deployment, and operations but requests no credentials, binaries, or installs in its packaged form.
- Guidance: This package is an instruction-only framework and appears coherent with its stated purpose. Before installing or running it, consider the following:
  - The skill itself does not require keys or install anything, but many subskills recommend connecting third-party services (Supabase, Firebase, Zapier/Make, Sentry, Buffer, Cloudflare, payment platforms). Only provide API keys or webhook access to those services when you intentionally enable a particular integration and trust the recipient.
  - Review which subskills you plan to use. If you only need ideation and PRD writing, you can ignore the deployment/ops recommendations that imply infrastructure changes.
  - The framework suggests actions that may cause external network activity (domain checks, social listening, publishing to social platforms, automated replies). Treat those as user-driven choices and verify any automation you configure sends data only to destinations you approve.
  - Because this is instruction-only text, it cannot autonomously exfiltrate secrets from your environment without you wiring it to external services. Still, be cautious when granting it downstream permissions (webhooks, Zapier, Slack tokens, cloud provider keys). If you want deeper assurance, ask the skill author for a minimal manifest of which subskills perform network calls and a list of exact endpoints they will contact when enabled.
Review Dimensions
- Purpose & Capability (ok): The skill's name/description (OPC Framework for solo entrepreneurs) matches the delivered content: 14 language-localized subskills covering planning, research, writing, development, deployment, operations, etc. Required resources are all advisory (LLM providers, BaaS, SaaS tools) and there are no declared environment variables, binaries, or config paths that would be mismatched with the stated purpose.
- Instruction Scope (note): The SKILL.md and subskill documents are prose guidance and templates describing what the agent should do (e.g., use social-listening, check domains, clone boilerplates, configure environment variables, integrate with services like Supabase, Zapier, Sentry, Buffer). This is consistent with a workflow-oriented framework. Nothing in the instructions directs the agent to read arbitrary host files or hidden credentials; however, many steps implicitly assume the user will connect third-party services (which requires credentials); the skill itself does not request or access them.
- Install Mechanism (ok): There is no install specification and no code files executed by the platform. This instruction-only packaging minimizes risk associated with downloads or running third-party code. The included files are documentation/skill metadata only.
- Credentials (ok): The registry metadata declares no required environment variables, no primary credential, and no config paths. Subskills mention typical operational secrets in the context of configuring third-party services (e.g., API keys for BaaS or monitoring services) but do not demand them at install time. The requested access footprint is proportionate to a workflow that may later integrate with external tools.
- Persistence & Privilege (ok): Flags show always:false and normal autonomous invocation allowed. The skill does not request persistent presence, nor does it modify other skills or system-wide configs. Being user-invocable and able to run autonomously is the platform default and is not, by itself, an elevated privilege here.
