Skill v2.3.1

ClawScan security

Nova App Builder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 10, 2026, 12:06 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files, instructions, and requested inputs are consistent with a Nova Platform app scaffold/deploy helper; nothing appears disproportionate or unrelated to the described purpose.
Guidance
This skill appears to do what it says: scaffold a Nova app and call sparsity.cloud to build/deploy it. Before running:
1) Review the included scaffolded files (enclave/main.py, odyn.py) to ensure endpoints and placeholders are acceptable.
2) Provide only your Nova API key and a GitHub PAT (used for git push); do not supply AWS/S3 credentials or enclaver.yaml, as the docs instruct.
3) Consider tightening the egress_allow setting (SKILL defaults to ["**"]) if you want to restrict outbound network access for your app.
4) Test locally in IN_ENCLAVE=false mode first (note: the mock Odyn endpoint is external).
5) Watch for the scaffold operation overwriting an existing directory.
If you need further assurance, run the scripts in a disposable environment and inspect network calls (or read the code) before using production secrets.

Review Dimensions

Purpose & Capability
ok
Name/description (build & deploy Nova apps) match the included assets and scripts: scaffold.py produces a project template; nova_deploy.py calls sparsity.cloud APIs to create/build/deploy apps; the enclave client (odyn.py) targets the internal Odyn API. No unrelated credentials or binaries are requested in metadata.
Instruction Scope
note
SKILL.md and the scripts limit actions to scaffolding local files and calling the Nova Platform APIs. The skill asks the user for a Nova API key and (separately) a GitHub PAT for pushing the repo; these are plausible and documented. Two items to note: (1) the scaffold/advanced default sets egress_allow to ["**"], which is permissive (allows domain egress from the enclave); this is a functional choice for convenience but broad. (2) In local (mock) mode the Odyn client hits http://odyn.sparsity.cloud:18000, an external mock endpoint (documented as such); review that behavior before using mock mode.
Install Mechanism
ok
No install spec; the skill is instructions plus bundled templates and scripts. All bundled files are included in the skill manifest (no downloads from arbitrary URLs, no extract operations). Scaffold copies the included templates to the user's filesystem when run, which is expected behavior for a generator.
Credentials
ok
The skill metadata requires no environment variables. Runtime instructions and scripts accept a Nova API key and recommend a GitHub PAT for pushes; both are proportionate to the stated purpose. The skill explicitly tells users not to provide Docker/AWS/S3 credentials (the platform manages those). No unexpected secrets or unrelated service credentials are requested.
Persistence & Privilege
ok
The skill is user-invocable, not always-enabled, and does not request persistent system presence or attempt to modify other skills. It does write scaffolded files to the user's target directory when executed, which is normal for a project generator.