Skillv3.4.1

ClawScan security

Orders · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 17, 2026, 7:13 PM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files and runtime instructions are coherent with a simple local order-tracking tool that stores data under ~/.orders/orders.json and do not request unrelated credentials or network access.
Guidance: This appears to be a simple local orders tool that stores data in ~/.orders/orders.json and requires bash+python3. Before installing or running: 1) inspect the full scripts/script.sh file (the provided content was truncated in the listing) to ensure there are no hidden network calls or unexpected behavior in the remaining lines; 2) run it in a sandbox or non-sensitive account the first time to verify behavior; 3) ensure the ~/.orders directory has appropriate filesystem permissions if the data is sensitive; 4) note the SKILL.md version header differs slightly from registry version (minor mismatch) but is not itself dangerous. If you need the agent to run this autonomously, remember it will have access to the local orders file—limit autonomous invocation if that file contains sensitive customer data.

Purpose & Capability: okName/description promise (create, list, update, cancel, report orders) matches the provided SKILL.md and script. The script implements those commands and stores data locally in ~/.orders/orders.json; nothing required by the skill is disproportionate to that purpose.
Instruction Scope: okSKILL.md instructs the agent to run the included script with explicit subcommands. The script operates on a local data file and does not reference unexpected files, secrets, or external endpoints in the visible code. Commands and file paths are confined to the stated order-management scope.
Install Mechanism: okNo install spec is present (instruction-only). The skill includes a shell script that runs with bash + python3; no downloads or package installs are performed. This is a low-risk installation model for a local tool.
Credentials: okThe skill declares no required environment variables, no credentials, and no config paths beyond its local data directory (~/.orders). The script uses only environment variables it sets itself when invoking python and does not request or access unrelated secrets.
Persistence & Privilege: okalways is false and the skill does not request any elevated or persistent platform privileges. It stores data under the user's home directory (~/.orders) which is appropriate for this functionality.