Skill v1.0.0

ClawScan security

Site Overview Audit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 10, 2026, 10:30 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is internally consistent: it describes a read-only snapshot summarizer and its instructions, dependencies, and privileges align with that purpose — but it assumes platform libraries exist and the source is unknown, so verify runtime availability and trust of referenced packages before installing.
Guidance
This skill appears to be a straightforward, read-only summarizer, but before installing:
1) confirm the agent runtime already provides the referenced packages (@campus-copilot/site-sdk, mcp-server, or mcp-readonly sidecars) or provide an install method; otherwise the skill will break;
2) verify the provenance/trust of those campus-copilot packages and sidecars (source/homepage is unknown here) to ensure they don't perform unexpected I/O or access live credentials;
3) test the skill in a non-production environment to confirm it truly only reads snapshot data and does not call live/private APIs; and
4) if you need higher assurance, review the code for the referenced SDKs/sidecars or ask the skill author for a source repository or install instructions.

Review Dimensions

Purpose & Capability
ok
Name/description (one-site snapshot summary) matches the instructions (load a site overview and report counts/top items). The SDKs and sidecars it references are coherent with the stated purpose.
Instruction Scope
ok
SKILL.md restricts behavior to read-only snapshot inspection, enumerates inputs, and explicitly forbids mutating site state or claiming live data. It does not request unrelated files, credentials, or network exfiltration in the instructions.
Install Mechanism
note
There is no install spec (instruction-only), but the runtime instructions require modules like @campus-copilot/site-sdk, @campus-copilot/mcp-server, or mcp-readonly sidecars. The skill assumes these libraries/sidecars are present in the agent environment; if they are not, the skill will fail. No arbitrary downloads or extract steps are present.
Credentials
ok
The skill requests no environment variables, credentials, or config paths. The lack of secrets is proportionate to the read-only snapshot summarization purpose.
Persistence & Privilege
ok
always is false and the SKILL.md explicitly forbids mutating state. The skill does not request persistent presence or modify agent-wide settings.