ClawHub
Back to skill
v1.4.6

Museum Guide

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:16 AM.

Analysis

The skill is a coherent museum-route planner, with disclosed use of local CSV data, a configured LLM API key, and optional online search, and no artifact-backed evidence of destructive or deceptive behavior.

GuidanceThis appears safe to install for museum itinerary planning. Before using it, configure only a trusted LLM endpoint, use a dedicated API key, and remember that your museum request and preferences may be sent to that provider or to the local ProSearch gateway when online lookup is needed.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceMediumStatusNote
metadata
Install specifications: No install spec — this is an instruction-only skill. Code file presence: 5 code file(s)

The package includes executable Python scripts even though the install metadata does not declare runtime requirements.

User impactThe skill may fail or behave differently depending on the local Python environment and installed libraries, even though no install requirements are declared.
RecommendationBefore use, confirm that Python 3 and required Python packages such as requests are available, and review the included scripts if you are providing an API key.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
scripts/extract_profile.py
api_key = config.get("API_KEY", "") ... "Authorization": f"Bearer {config['api_key']}"

The skill reads a locally configured LLM API key and uses it as a bearer token for model calls.

User impactYou must provide an API key for the configured model provider; that key will authorize LLM requests made by this skill.
RecommendationUse a dedicated, least-privilege API key with spending limits, and do not place unrelated secrets in scripts/config.json.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
scripts/extract_profile.py
response = requests.post(config['api_base'], headers=headers, json=data, timeout=120)

The skill sends constructed prompts, which can include the user's museum request and visit preferences, to the configured LLM API endpoint.

User impactMuseum plans, interest preferences, and child/travel-related details may be sent to the model provider you configure.
RecommendationConfigure API_BASE only to a provider you trust, and avoid entering sensitive personal travel details if you do not want them sent to that provider.