Skill v4.0.0
ClawScan security
GCCEO · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 6:14 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only leadership/CEO training pack whose declared files and runtime instructions align with that purpose; nothing in the bundle requires unrelated credentials or installs arbitrary code.
- Guidance: This package appears to be a content-only skill (course material + publish guides). It does not require credentials to run, but the included publishing instructions explain how to create and use a GitHub Personal Access Token (PAT) if you want to publish the repo. Only generate and use a PAT for your own GitHub account and never paste it into unknown prompts or share it. Review the publish.sh before running it; it only calls gh (GitHub CLI) if authenticated and otherwise prints manual steps. Note the minor bookkeeping mismatch in reported skill counts (91 vs 96) and the presence of the creator's contact info in files; verify the author identity and repository links if provenance matters to you. If you do not intend to publish the repository from your account, you can safely use this skill without following the PAT/GitHub publish steps.
Review Dimensions
- Purpose & Capability (note): The name, description and included files consistently describe a Global CEO training system. The skill does not declare any required env vars or binaries, matching its instruction-only nature. Minor inconsistency: SKILL.md header lists skills_count: 96 while README/skills.json report ~91 skills, a bookkeeping mismatch but not a security issue.
- Instruction Scope (note): SKILL.md and README are large content documents (course material and metadata). The included PUBLISH_GUIDE and CLAWHUB_PUBLISH files give step-by-step instructions for publishing (creating a GitHub repo, generating a PAT, pushing code, and submitting to ClawHub/SkillHub). These publishing steps are normal for distribution but are not required to use the skill. There are no instructions in SKILL.md that tell the agent to read unrelated system files or to exfiltrate user data to third-party endpoints.
- Install Mechanism (ok): There is no install spec. The only executable file is a small publish.sh that uses the GitHub CLI (gh) when available; it does not download arbitrary code or extract archives from untrusted URLs. Instruction-only distribution is the lowest-risk pattern.
- Credentials (note): The skill declares no required environment variables and no credentials. However, the PUBLISH_GUIDE instructs the user to generate a GitHub Personal Access Token (PAT) with repo permissions to push and release the repository; that PAT has high privileges for GitHub account operations but is only necessary if you choose to publish the repository yourself. The skill does not require other unrelated secrets. Be cautious when following publishing steps and only use tokens for accounts you control.
- Persistence & Privilege (ok): Metadata flags are standard: always:false and agent invocation not disabled. The skill does not request persistent system-wide privileges, nor does it modify other skills' configurations. Nothing in the bundle forces permanent presence.
