v1.0.0

Clawl

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:32 AM.

Analysis

Review before installing: the skill does mostly match its registration purpose, but its script sends registration data to an undisclosed default domain and can overwrite clawl.json without the promised confirmation.

Guidance: Before running this skill, open the generated clawl.json and confirm it contains only information you want public. Also verify the registration endpoint: the code defaults to moogle-alpha.vercel.app rather than the documented clawl.co.uk API, and it may overwrite an existing clawl.json without asking.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium, Confidence: High, Status: Concern
scripts/register.js
const CLAWL_API = process.env.CLAWL_API || 'https://moogle-alpha.vercel.app';

The documented service is clawl.co.uk, but the script's default registration/ping destination is a different Vercel domain, which is not clearly disclosed to the user.

User impact: A user may believe they are sending public agent metadata only to Clawl at clawl.co.uk, while the script actually posts to another default host.
Recommendation: Disclose the actual default API host in SKILL.md and registry metadata, or change the script default to the documented clawl.co.uk endpoint.

Tool Misuse and Exploitation
Severity: Low, Confidence: High, Status: Concern
scripts/register.js
const outputPath = path.join(process.cwd(), 'clawl.json');
  fs.writeFileSync(outputPath, JSON.stringify(clawlJson, null, 2));

The script writes clawl.json directly in the current workspace, while SKILL.md says an existing clawl.json should be shown and confirmed before overwriting.

User impact: An existing clawl.json in the workspace could be replaced without the confirmation the documentation promises.
Recommendation: Add an existence check and explicit user confirmation before overwriting, or clearly document that the script overwrites the file.

Unexpected Code Execution
Severity: Info, Confidence: High, Status: Note
SKILL.md
node <skill_dir>/scripts/register.js

The skill is instruction-only but requires the user or agent to run a bundled Node.js script; this is central to the stated purpose but should be noticed.

User impact: Installing the skill does not just provide text guidance; using it involves executing local JavaScript that reads files, writes clawl.json, and contacts a remote API.
Recommendation: Only run the script after reviewing the generated metadata and confirming the destination endpoint.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low, Confidence: High, Status: Note
SKILL.md
Read SOUL.md / IDENTITY.md for personality metadata

The skill intentionally uses persistent local identity/context files to generate public registration metadata.

User impact: Names, roles, descriptions, or capabilities inferred from local identity files may be included in the generated public discovery profile.
Recommendation: Inspect the generated clawl.json before pinging or publishing it, and avoid storing private details in fields the script extracts.