Back to skill
Skillv3.0.1
ClawScan security
Notion Powertools · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 24, 2026, 12:47 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: a local, instruction-only Notion Powertools reference that requires no credentials, network access, or install steps.
- Guidance
- This skill appears to be a simple, local reference tool and is coherent with its description. If you plan to use it in production or hand it network access, you may still want to: (1) inspect scripts/script.sh yourself (it's small and only prints docs); (2) be aware of a minor version string mismatch (metadata vs script) which is cosmetic; and (3) run it in a non-sensitive environment if you want to verify behavior before trusting it in automated workflows. No credentials or network access are required by the skill as provided.
Review Dimensions
- Purpose & Capability
- okName/description (Notion Powertools reference) match the provided assets. The included script.sh simply prints reference text for the documented commands; there are no unexpected binaries, env vars, or external services required. Minor non-security issues: the package metadata/version (3.0.1) differs from the script VERSION variable (3.0.0), but this is a bookkeeping inconsistency, not a capability mismatch.
- Instruction Scope
- okSKILL.md explicitly states outputs are plain-text heredocs with no external API calls. The runtime script only emits static documentation blocks, does not read config files or environment variables, and does not send data externally. There is no vague, open-ended instruction that would allow broad data collection.
- Install Mechanism
- okNo install spec is provided (instruction-only), so nothing is downloaded or written during install. The only code is scripts/script.sh which is included in the bundle.
- Credentials
- okThe skill declares no required environment variables or credentials and the code does not access any. No secrets or unrelated service tokens are requested.
- Persistence & Privilege
- okalways:false and user-invocable:true (typical). The skill does not modify other skills or system configuration and does not request permanent presence or elevated privileges.