Skill v1.0.0

ClawScan security

Homebrew · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 1:47 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions are consistent with a Homebrew management helper; it mainly runs expected brew commands and (with user consent) the official Homebrew installer — nothing appears incoherent or unrelated to its stated purpose.
Guidance
This skill is coherent for managing Homebrew, but it runs shell commands on your Mac and — with your consent — will fetch and execute Homebrew's remote installer script. Before installing or making destructive changes: (1) confirm you trust the operator and the environment, (2) ask the skill to show the exact commands it will run and approve them, (3) consider running sensitive commands yourself if you prefer manual control, and (4) have backups or a recovery plan for important data. If you want stricter controls, deny installer execution and request only read-only diagnostics or explicit command previews.

Review Dimensions

Purpose & Capability
ok: Name/description match the runtime instructions. All requested actions (detecting brew, update/install/uninstall/search/diagnostics, Brewfile workflows) align with a Homebrew management skill; there are no unrelated env vars, binaries, or config paths.
Instruction Scope
note: Instructions stay within Homebrew management scope. They explicitly require running shell commands on the host and, with user consent, fetching and executing the Homebrew installer script. This is expected for installing Homebrew but is an operation that changes the system and should only be run after explicit user confirmation.
Install Mechanism
note: The skill is instruction-only (no install spec). It directs running the official Homebrew installer by fetching a script from raw.githubusercontent.com with curl, a well-known host and the standard Homebrew method, but this still entails fetching and executing remote code, which is intrinsically higher-risk than local-only commands.
Credentials
ok: No environment variables, credentials, or config paths are requested. The skill does not ask for unrelated secrets or access, which is proportionate to its purpose.
Persistence & Privilege
note: always is false and the skill is user-invocable. The agent is expected to run commands on the user's machine (normal for this skill). Some brew operations or the installer may require elevated permissions or modify system state; the SKILL.md advises asking before installing/destructive fixes, which is appropriate.