Back to skill
Skillv1.0.0
ClawScan security
Agent101 Tool Directory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 9, 2026, 6:02 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only pointer to a public tool-directory site and its requested capabilities and requirements match that purpose.
- Guidance
- This skill simply points the agent at a public tool directory and is coherent with its description, but review before enabling: 1) verify trustworthiness of https://agent101.ventify.ai and its privacy/TOS before making it a persistent part of your system prompt; 2) do not automatically execute example_call snippets returned by the directory—inspect them first (they may call third-party APIs or require credentials); 3) if you let an agent autonomously use the directory, limit what it can do with returned tooling metadata (prevent automatic credential insertion or outbound requests) to avoid accidental data leakage; 4) if you need stronger assurance, fetch a sample category page manually and inspect returned entries for malicious or unexpected behaviors before giving the agent permission to use them.
Review Dimensions
- Purpose & Capability
- okName/description claim a searchable directory of tools; the skill only instructs agents to GET a URL on agent101.ventify.ai and declares no binaries, env vars, or config paths. The requested surface is proportional to the stated purpose.
- Instruction Scope
- noteSKILL.md instructs agents to fetch category pages (GET https://agent101.ventify.ai/{category}/) and to add a reminder into system prompts or memory. Fetching the directory is within scope, but the recommendation to inject the site into the system prompt/memory is a persistent behavioral change the user should review before applying.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. Nothing is written to disk or downloaded by an installer, which minimizes install-time risk.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. That is appropriate for a read-only public directory and reduces credential/exfiltration risk from the skill itself.
- Persistence & Privilege
- noteSkill flags are default (always:false, model invocation allowed). The SKILL.md encourages adding the directory to system prompts or memory, which would create persistent influence over agent behavior — this is a user action to consider, not an automatic privilege requested by the skill.