Skill v1.0.0

ClawScan security

Fabric CLI skill - Self-Organizing Personal Cloud · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 29, 2026, 6:32 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and runtime instructions are coherent with its stated purpose of driving the Fabric.so CLI; it primarily builds and runs Fabric CLI commands, performs read-only checks, and helps generate/redact agent memory notes.
Guidance
This skill appears to do what it says: build and run Fabric.so CLI commands, perform diagnostics, and generate redacted agent-memory notes. Before installing or allowing the agent to use it, consider: (1) it needs shell access and will run the `fabric` binary on your machine — ensure you actually use Fabric.so (not Microsoft Fabric or other 'fabric' tools); (2) the package metadata doesn't declare the `fabric` binary requirement even though the scripts expect it — the skill will fail harmlessly if `fabric` is missing, but be aware; (3) the SKILL.md references installing the CLI via curl|sh — never run installers blind; download and inspect the script first; (4) the included Python scripts execute subprocesses (they run local fabric commands and may run cat/printf for piping content); review the scripts if you have sensitive local files or very high security requirements; (5) state-changing operations (creating notes, uploading files, deleting tasks, modifying shell startup for completion) require explicit user confirmation per the skill's instructions. If you are comfortable letting an agent run local CLI commands and have verified you want Fabric.so interactions, this skill is coherent and appropriate to use.

Review Dimensions

Purpose & Capability
note
The skill is explicitly for the Fabric.so CLI and the SKILL.md, templates, and scripts all implement that. One minor mismatch: the package metadata lists no required binaries, yet the runtime guidance and scripts expect an executable named `fabric` on PATH. That is a packaging omission but not evidence of malicious intent.
Instruction Scope
ok
SKILL.md and included scripts limit actions to building commands, running read-only diagnostics, capturing CLI help, and generating redacted memory notes. State-changing Fabric operations are gated by explicit user requests and the docs require confirmation for destructive actions. The scripts do call subprocesses to run local `fabric` commands when asked (including optional remote read-only calls), which is consistent with the stated purpose.
Install Mechanism
ok
No install spec is included (instruction-only install), and all code is bundled rather than downloaded at runtime. The only external installer referenced is the official Fabric.so installer URL (`curl -fsSL https://fabric.so/cli/install.sh | sh`), and the SKILL.md explicitly warns to download and inspect before running.
Credentials
note
The skill requests no environment variables or credentials in the manifest and the code explicitly tries to redact secret-like strings. However, it does interact with local files and will run subprocesses—so granting the skill shell access lets it invoke the Fabric CLI and inspect outputs. The omission of a declared required binary (`fabric`) in registry metadata is notable but likely a packaging oversight rather than an unexplained credential request.
Persistence & Privilege
ok
The skill is not force-enabled (always: false) and does not request persistent elevated privileges. It does provide workflows to write content into a remote Fabric workspace, but SKILL.md requires explicit user approval for state-changing operations and for installing or modifying local shell start-up files.