Skill v1.0.0

ClawScan security

Travel Assistant-CN · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 17, 2026, 2:31 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requests and runtime instructions are coherent with a travel-planning assistant; there is no code or install step, but it explicitly collects sensitive personal and health information and relies on web searches, so privacy precautions are recommended.
Guidance
This skill appears to be what it claims (a travel planner) and contains no installable code, which lowers execution risk. However, it asks for sensitive personal and health details (pregnancy, medications, medical history, allergies). Before installing or using:
1) Avoid entering highly sensitive PII unless you trust the hosting platform and understand its data retention/privacy policy.
2) Ask whether your agent's outbound web searches will include user-provided details or whether they will be anonymized; do not paste full medical records into the chat.
3) Prefer providing only the minimum necessary details (e.g., 'has asthma' instead of detailed prescriptions) or ask for generic advice if you want to keep health specifics private.
4) If you need definitive medical guidance, consult a licensed professional rather than relying solely on the skill.
If privacy or regulatory concerns (medical data) are important for you, consider not enabling the skill or using it in a restricted/testing environment first.

Review Dimensions

Purpose & Capability
ok: The name, description, and SKILL.md all describe travel planning (itineraries, weather, attractions, lodging, packing lists). There are no unrelated required binaries, credentials, or config paths; the included reference documents match the stated functionality.
Instruction Scope
note: The instructions direct the agent to actively collect sensitive personal data (health conditions, medications, pregnancy, age, etc.) and to use network searches (weather, news, booking platforms). Collecting health and reproductive information is within the functional scope of personalized travel advice, but SKILL.md does not specify consent, retention, or how user-supplied PII is handled or protected. This is a privacy concern rather than a functional incoherence.
Install Mechanism
ok: No install spec and no code files; the skill is instruction-only. This minimizes code-execution and supply-chain risk because nothing is downloaded or written to disk by the skill itself.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. There is no disproportionate credential access relative to the described functionality.
Persistence & Privilege
ok: Flags show default behavior (not always:true). The skill does not request persistent system presence or elevated privileges and is only user-invocable/autonomously invokable by default, which is the platform norm.