Skill v0.1.0

ClawScan security

B3ehive · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:26 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
b3ehive is a coherent multi-agent code-competition skill that runs local scripts to spawn, evaluate, score and deliver implementations; it does not request secrets or install remote artifacts, but you should review and sandbox its execution because it runs generated code and performs filesystem operations.
Guidance
b3ehive appears to do what it says: it spawns three agent runs, creates prompts/files, generates evaluations and scorecards, and delivers a chosen implementation. Before installing/running, consider:
1) Review the included scripts (phase1–4) — they create directories, write files, run linters/tests and copy files; generated code may be executed during benchmarking/testing, so run in a sandbox or ephemeral environment (not on production hosts).
2) Clarify model/runtime expectations — package.json and config.yaml reference a specific model (openai-proxy/gpt-5.3-codex) but the skill metadata doesn't declare required model credentials; ensure you understand which model endpoint and credentials will be used.
3) Confirm you trust the skill source — README points to a GitHub repo; inspect upstream code there for updates.
4) If you intend to run untrusted tasks, limit the skill's filesystem/network permissions (containerize or run on an isolated VM).
5) The skill lacks a human-readable description/homepage in the registry metadata — ask the author for those details if you need higher assurance.

Review Dimensions

Purpose & Capability
Status: ok
The files and scripts implement the stated multi-agent competition flow (spawn → evaluate → score → deliver). The required capabilities (creating files, running linters/tests, copying results) match the skill's purpose. Minor note: package.json and config.yaml mention a model (openai-proxy/gpt-5.3-codex), but the registry metadata shows no declared model/agent requirement — a small mismatch in metadata, not a functional mismatch in the scripts.
Instruction Scope
Status: note
SKILL.md and the included scripts instruct the agent to create workspaces, generate prompts, run evaluations, run tests/benchmarks, and copy files. These are consistent with a code-competition tool, but they do involve executing generated code (tests/benchmarks) and writing to the local filesystem; users should be aware this can execute arbitrary code produced by the agents.
Install Mechanism
Status: ok
There is no install spec (instruction-only behavior with bundled scripts). No network downloads or archive extraction occur in the install stage. The repo references a GitHub URL in README/package.json but does not automatically fetch remote binaries during install.
Credentials
Status: note
The skill does not request environment variables or credentials in the registry metadata. However, package.json and config.yaml reference a model identifier (openai-proxy/gpt-5.3-codex), which implies the agent will need a configured model endpoint and credentials at runtime — those are not declared. This is a metadata/documentation mismatch to be clarified, not itself evidence of malicious intent.
Persistence & Privilege
Status: ok
always:false (default) and disable-model-invocation:false — normal. The skill writes output to a workspace directory within its own tree and does not modify other skills or system-wide configurations. It does not request permanent/always-on presence.