Back to skill
Skillv1.0.0
ClawScan security
Bash 1.0.2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 4, 2026, 11:30 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is a documentation-only skill that provides Bash best-practices and examples; its declared requirements and files are coherent with that purpose.
- Guidance
- This skill is documentation-only and appears to be what it claims: Bash best-practices and examples. Because it is instruction-only, installing it won’t download code or request credentials. Before installing, verify you trust the publisher (there is a small ownerId mismatch in the packaged _meta.json vs. registry metadata), and be cautious about copying example commands into a shell without review—examples may operate on files or have side effects. If you want extra caution, review the .md files yourself or test any example commands in a disposable/sandbox environment.
Review Dimensions
- Purpose & Capability
- noteName/description match the provided markdown guidance and the only required binary (bash) is appropriate. Minor metadata inconsistency: the registry metadata Owner ID (kn7572...) does not match the ownerId in _meta.json (kn73vp5...), which is likely a packaging/metadata error but not evidence of malicious behavior.
- Instruction Scope
- okSKILL.md and the included .md files contain static guidance and example commands for writing Bash safely. They do not instruct the agent to read arbitrary system files, exfiltrate data, or fetch external endpoints. Examples show common shell commands but are presented as examples, not runtime directives to gather user data.
- Install Mechanism
- okNo install spec and no code files—this is instruction-only, which minimizes risk because nothing will be downloaded or written to disk.
- Credentials
- okThe skill requires no environment variables, secrets, or config paths. The single required binary (bash) is appropriate for its purpose.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. It does not request persistent system presence or special privileges and does not modify other skills or system-wide agent settings.