Skill v3.0.0
ClawScan security
BriteBooth Procurement · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 16, 2026, 7:21 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only, read-only web-scraping assistant whose required binaries and runtime instructions are proportionate to its stated purpose and do not request unrelated credentials or privileged access.
- Guidance: This skill appears coherent and low-risk: it only needs curl/grep to scrape public product pages and produce a shopping list for a human to complete checkout. Before installing, confirm your agent runtime enforces the SKILL.md guardrails (no session manipulation, no PII collection) because those are policy-level constraints the skill text promises but cannot enforce itself. If you want extra caution: (1) require user confirmation before any network fetches or enable logging of agent actions; (2) avoid granting the agent additional network or credential access; and (3) test the skill on a non-production URL to validate it only returns product info and templates as described.
Review Dimensions
- Purpose & Capability: ok. Name/description (read-only procurement discovery) match the declared runtime needs: curl+grep for fetching and simple extraction. No credentials, config paths, or unrelated binaries are requested, which is coherent for a scraping/reporting skill.
- Instruction Scope: ok. SKILL.md confines the agent to read-only actions: fetching home/product pages, extracting product IDs, template PDFs, prices, and lead times, and handing results to a human for checkout. It explicitly forbids session manipulation and PII collection, and it does not instruct reading local files or exporting data to external endpoints.
- Install Mechanism: ok. No install spec and no code files (instruction-only). This minimizes on-disk footprint and the risk from arbitrary installers.
- Credentials: ok. Skill requests no environment variables, credentials, or config paths — appropriate for a public-site read-only discovery task.
- Persistence & Privilege: ok. always is false and there are no indications the skill modifies agent/system configuration or requests permanent presence; autonomous invocation is allowed by platform default but not excessive here.
