Skillv1.0.3

ClawScan security

Serval — Adopt a Serval. Cat. 薮猫。Serval. · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 1, 2026, 1:56 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's instructions, endpoints, and requirements are coherent with its stated purpose (adopting and caring for a virtual Serval); it does not request unrelated credentials, install code, or unusual system access.
Guidance: This skill appears to do exactly what it says: interact with animalhouse.ai to adopt and care for a virtual Serval. Before installing or using it, consider: 1) Create a throwaway or dedicated account on animalhouse.ai rather than reusing sensitive credentials; the service issues a Bearer token shown once — store it securely in your agent's secrets store if you want automation. 2) Verify you are comfortable with the agent making authenticated network calls to https://animalhouse.ai; avoid exposing the token in logs or prompts. 3) If you permit autonomous agent actions, be aware the agent can use the token to act on your behalf on that site; revoke the token on the site if you stop using the skill. 4) Review animalhouse.ai's privacy/security policies if you care about what data (notes, names) you send. Overall the skill is internally consistent and not requesting disproportionate access.

Purpose & Capability: okName/description match the runtime instructions: all endpoints and actions are about registering, adopting, checking status, and performing care actions on animalhouse.ai. No unrelated services, binaries, or configuration paths are requested.
Instruction Scope: okSKILL.md solely instructs use of the animalhouse.ai REST API (register, adopt, status, care, preferences). It does not ask the agent to read local files, other environment variables, system configs, or transmit data to external endpoints beyond animalhouse.ai. The instructions are specific and scoped to the virtual-pet functionality.
Install Mechanism: okNo install spec and no code files — instruction-only. Nothing will be written to disk by the skill itself. Lowest-risk install profile.
Credentials: noteThe skill does not declare required env vars, but the workflow returns a Bearer token that the agent/user must store to authenticate. This is expected for a web API but the token-handling/storage behavior is not specified — ensure the token is stored securely and not leaked to logs or unrelated skills.
Persistence & Privilege: okalways is false and the skill does not request persistent system changes or modify other skills' configs. Autonomous invocation is permitted (default) but not combined with any broad credential access.