Skill v1.0.0

ClawScan security

A search for forklift designers · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 20, 2026, 5:42 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only forklift Q&A helper that only instructs web searches and local reference documents; its declared requirements and behavior are coherent with its stated purpose.
Guidance
This skill is low-risk: it uses public web searches and bundled reference notes to answer forklift questions and does not request credentials or install code. Before installing, consider: (1) the skill will fetch public webpages (search results, brand sites, WeChat articles) — do not provide sensitive or private data to it; (2) web-sourced answers may be out of date or inaccurate, so cross-check critical technical or safety-related recommendations against official manuals or certified technicians; (3) if you see the skill later requesting credentials, system access, or an install step, treat that as a new risk. Overall, the package appears coherent with its stated purpose.

Review Dimensions

Purpose & Capability
ok
Name/description (forklift Q&A) match the instructions and bundled reference files (brand sites, standards, WeChat articles). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
ok
SKILL.md tells the agent to use search engines, brand websites, industry sites, and a specific WeChat public account — all reasonable data sources for this domain. There are no instructions to read system files, environment variables, or to send data to unexpected external endpoints.
Install Mechanism
ok
No install spec and no code files (instruction-only). Nothing will be written to disk or fetched during an install step, minimizing installation risk.
Credentials
ok
The skill requests no environment variables, credentials, or config paths. This is proportional to a read-only information/research skill.
Persistence & Privilege
ok
always is false and the skill does not request elevated/persistent privileges or modify other skills. Autonomous invocation is allowed (platform default) and is not combined with other red flags.