Skill v2.0.1

ClawScan security

Excel Formula · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 27, 2026, 2:09 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill appears to do what it claims (generate/explain Excel formulas); it includes local bash helper scripts and stores data under the user's home directory, and there are minor inconsistencies but no evidence of hidden exfiltration or unrelated privileges.
Guidance
This skill is consistent with an Excel formula helper: it contains bash scripts that build/format formula explanations and will create a per-user data directory (default ~/.local/share/excel-formula) and write logs/history there. Before installing, consider: 1) confirm you are comfortable with a skill writing files under your home directory; 2) the SKILL.md mentions python3 but the included scripts appear to be bash-only—if you rely on a packaged installer, ask the author which runtimes are actually needed; 3) review the scripts locally (they are small and included) if you want to verify there are no network calls or unexpected behaviors. If you need higher assurance, request the full, non-truncated source from the maintainer or run the scripts inside a sandbox first.

Review Dimensions

Purpose & Capability
note: The name/description match the included functionality: formula generation, explanation, troubleshooting, templates and tips. The package includes bash CLI scripts that implement those features. Minor mismatch: SKILL.md lists 'bash 4+ and python3' under Requirements, while registry metadata declares no required binaries; the scripts shown are bash-only and do not obviously call Python. This is likely an editorial/inventory inconsistency rather than malicious.
Instruction Scope
ok: Runtime instructions (SKILL.md) constrain the agent to Excel-related tasks and bilingual outputs. The provided scripts only format prompts and print formula guidance; they do not instruct the agent to read unrelated system files or environment secrets. They accept user input and echo it into output templates, which is expected for this purpose.
Install Mechanism
ok: No install spec is provided (instruction-only), and included code files are local shell scripts. There are no downloads from remote hosts or package installs declared. This is low-risk from an install mechanism perspective.
Credentials
note: The skill requests no credentials or sensitive env vars. It does respect EXCEL_DIR and XDG_DATA_HOME/HOME for a local data directory (DATA_DIR). That is proportionate for a CLI helper that stores configuration/history. The SKILL.md mention of python3 is not justified by the visible scripts.
Persistence & Privilege
note: The scripts create a per-user data directory (defaults to $XDG_DATA_HOME or $HOME/.local/share/excel-formula) and append logs; this is normal for a CLI tool but does mean the skill persists data on disk. 'always' is false. Agent autonomous invocation is allowed by default (platform behavior) but does not combine with other red flags here.