Back to skill
Skillv1.0.1
ClawScan security
UUID Gen · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 1:45 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is a small, instruction-only UUID generator that uses Python's standard library and asks for no credentials or installs — its declared purpose matches what the instructions do.
- Guidance
- This skill appears benign and self-contained: it only shows Python examples using the standard uuid module and requests no secrets or installs. Before use, ensure you have a trusted Python runtime on your system (the examples run via python -c). If you care about privacy, avoid UUID v1 (it can embed MAC/time info) and prefer v4 for general-purpose IDs. If you will run these commands in an automated agent, remember they execute locally — verify you trust the environment that will run them.
Review Dimensions
- Purpose & Capability
- okName/description (UUID generation, formats, validation) matches the instructions which only demonstrate using Python's built-in uuid module and related stdlib modules; no unrelated capabilities or external services are requested.
- Instruction Scope
- okSKILL.md contains only local Python examples (uuid, os, datetime, json) run via python -c. It does not instruct reading unrelated files, exfiltrating data, or calling external endpoints.
- Install Mechanism
- okNo install spec or code files are present (instruction-only), so nothing is written to disk or downloaded during install.
- Credentials
- okNo environment variables, credentials, or config paths are required; the examples run purely with standard-library Python and require nothing extra.
- Persistence & Privilege
- okThe skill is not always-enabled and requests no elevated privileges or persistent configuration; autonomous invocation is allowed by default but combined with the minimal scope it presents low risk.