v1.1.0

clawl skill

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:32 AM.

Analysis

This skill mostly matches its registration purpose, but it sends agent metadata to an unexpected default host and overwrites a local discovery file without the confirmation its documentation promises.

Guidance

Review before installing. If you use it, run the script in --json mode first, inspect the generated clawl.json, back up any existing clawl.json, and verify that the API host the script will post to (the CLAWL_API environment variable, or the script's built-in default when that variable is unset) is one you trust before allowing registration.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
scripts/register.js
const CLAWL_API = process.env.CLAWL_API || 'https://moogle-alpha.vercel.app';

The documentation says the script pings clawl.co.uk, but unless CLAWL_API is set in the environment, the bundled script falls back to a different Vercel host for its API calls. That is a material mismatch between where the user is told registration metadata goes and where the code actually sends it by default.

User impact: Agent name, description, capabilities, and related registration metadata may be posted to a host the user was not told to expect.

Recommendation: Verify that this endpoint is the intended Clawl service before running, or point the script at the documented clawl.co.uk endpoint, either by patching the default or by setting CLAWL_API (which the script already reads) before invoking it.
Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
scripts/register.js
const outputPath = path.join(process.cwd(), 'clawl.json');
fs.writeFileSync(outputPath, JSON.stringify(clawlJson, null, 2));

The implementation writes clawl.json directly into the current working directory, and the quoted code shows no check for an existing file before the write. This conflicts with the SKILL.md error-handling claim that an existing clawl.json will be shown and confirmed before it is overwritten.

User impact: An existing discovery manifest in the current project could be overwritten without review.

Recommendation: Back up or inspect any existing clawl.json before running, and prefer an implementation that checks for the file and asks before overwriting (or requires an explicit flag to do so).
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
scripts/register.js
const soulPaths = [
    path.join(process.cwd(), 'SOUL.md'),
    path.join(process.env.HOME || process.env.USERPROFILE || '', 'clawd', 'SOUL.md'),
  ];

The script reads persistent local identity/context files such as SOUL.md and IDENTITY.md to derive public registration metadata. This is aligned with the skill's purpose, but those files may contain identity details the user did not intend to publish.

User impact: Local agent identity or role text may flow into the generated public profile and the registration request.

Recommendation: Run in --json mode first, review the generated clawl.json for identity details you do not want published, and only then allow any network registration.