Skill v1.0.0
ClawScan security
Code Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 26, 2026, 3:21 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it wraps ripgrep/fd/tree via a shell script to provide read-only code search functionality and does not request unrelated credentials or install arbitrary code.
- Guidance: This skill appears to do what it says: a read-only wrapper around ripgrep, fd, and tree. Before using it: (1) ensure you trust the skill source because it will run shell commands on your filesystem and can reveal file contents (including secrets) if you point it at sensitive directories; (2) install ripgrep/fd/tree from trusted package sources if needed (the design doc includes manual curl examples; prefer distro packages or verified GitHub release assets); (3) consider limiting its use to specific project paths rather than system/root directories; (4) if you are concerned about autonomous agent actions, keep autonomous invocation disabled or only invoke the skill manually. Overall there are no mismatches between the description, the instructions, and the included script.
Review Dimensions
- Purpose & Capability: ok. Name/description match the implementation: the SKILL.md and scripts provide grep/glob/tree commands implemented by search.sh and rely on rg/fd/tree, which is exactly what the skill claims to do.
- Instruction Scope: ok. Runtime instructions call the included shell script with explicit subcommands; the script performs only read-only searches, checks for dependencies, and prints structured output. It does not read unrelated configuration, attempt network exfiltration, or reference unexpected external endpoints at runtime.
- Install Mechanism: ok. This is instruction-only (no install spec). The repository includes a shell script only; design docs mention possible curl-based downloads for installing rg/fd as optional manual guidance, but the skill itself does not automatically download or extract remote payloads.
- Credentials: ok. The skill requires no environment variables, credentials, or config paths. All requested operations are local, and any permissions needed are typical for read access to the workspace and for installing CLI tools if the user chooses to follow install guidance.
- Persistence & Privilege: ok. The always flag is false and the skill does not request persistent system-wide changes. The script does not modify other skills or system configuration; it only checks for binaries and reads files.
