Skill v1.0.0
ClawScan security
RDK X5 App Resources · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 7, 2026, 6:22 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is internally consistent with its stated purpose (instructions for using /app resources on an RDK X5 board), but it directs running system Python and hardware-level commands so you should only use it when you trust the device and the code under /app.
- Guidance: This skill appears coherent for running RDK X5 /app samples, but it lets you execute system Python scripts and native binaries on the device and may require root. Before using it: (1) verify the skill source and confirm you trust the device and the /app contents (homepage/source unknown); (2) inspect scripts under /app for unexpected network calls, shelling out, or data-exfiltration logic; (3) avoid running code as root unless necessary — prefer running under a limited user or review the code first; (4) back up the device and test in a controlled environment if possible; (5) confirm required system libraries (e.g., hobot_dnn) are legitimate and locally installed; and (6) if you need stronger guarantees, ask the publisher for provenance (repository, checksums, or signed releases) before running these demos.
Review Dimensions
- Purpose & Capability (ok): The name and description claim access to /app resources on RDK X5 and the SKILL.md exclusively documents running samples, building demos, and using GPIO/multimedia/AI assets under /app; nothing requested (no env vars, no installs) is unrelated to that purpose.
- Instruction Scope (note): Instructions explicitly tell the agent to execute scripts and binaries from /app using the system Python (/usr/bin/python3.10) and to run make/./run_tuning.sh. This stays within the stated scope (managing /app demos and hardware) but grants the agent the ability to execute arbitrary code present in /app and to require root/hardware permissions — a legitimate capability for this purpose but a potential operational risk if the files are untrusted.
- Install Mechanism (ok): There is no install specification and no code shipped with the skill (instruction-only), so nothing is written to disk or downloaded by the installer — this is low-risk from an install mechanism perspective.
- Credentials (note): The skill does not request environment variables or external credentials. However, the runtime instructions require system-level Python and note that many operations require root or hardware permissions; those privileges are appropriate for hardware control but are not explicitly declared as required credentials in the registry metadata.
- Persistence & Privilege (ok): The skill is not always-enabled, is user-invocable, and does not modify agent or other skills' configuration. It does not request persistent privileges beyond asking the operator to run system-level commands on the device when needed.
