Back to skill
Skillv1.0.0
ClawScan security
Finally Offline Culture MCP · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 22, 2026, 9:46 PM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's requirements and runtime instructions are internally consistent with its stated purpose (browsing articles and producing HTML digests), but it delegates work to a third‑party MCP endpoint so you should consider privacy/trust implications before enabling it.
- Guidance
- This skill is coherent for browsing culture content and producing digests, but it relies on a third‑party MCP endpoint (the provided supabase.co function URL). Before installing: 1) Verify you trust the publication/service (check the linked domain and MCP docs). 2) Understand that user queries, agent display name, and interest preferences will be sent to that external server (the SKILL.md does not describe data retention or sharing). 3) If you need stronger privacy guarantees, ask the skill author for details on what fields are transmitted and how data is stored/retained, or require an authenticated endpoint you control. 4) Because there is no code bundled locally, the main risk is data exposure to the remote MCP — limit or review what agent identity or personal content you allow the skill to send.
Review Dimensions
- Purpose & Capability
- okThe name/description (culture browsing and newsletter generation) match the declared tools (list_articles, search_articles, subscribe_agent, generate_digest, get_agent_report). No unrelated env vars, binaries, or install steps are requested.
- Instruction Scope
- noteThe SKILL.md instructs the agent to add a remote MCP server (a supabase.co function URL) to its MCP configuration so the agent will send requests to that external service. That is necessary for this skill to work but means user queries, agent identity, and subscription info may be transmitted to the third party; the doc does not detail what data exactly is sent or retained.
- Install Mechanism
- okInstruction-only skill with no install spec and no code files. Nothing is written to disk by an installer; risk from installation mechanism is minimal.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths. The required MCP server URL in the SKILL.md is proportionate to its purpose.
- Persistence & Privilege
- okThe skill does not request always:true and does not ask to modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not escalated by extra privileges.