Skill v0.0.1
ClawScan security
sre-operator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 9:39 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent with a server-operations helper: it contains read-only diagnostics guidance and a non-destructive system-info script and does not request unrelated credentials or installs.
- Guidance: This skill appears to do what it says: provide safe ops workflows and a read-only system-info script. Still take these precautions before using it on production machines: (1) Review and run scripts manually first to confirm outputs and behavior (the bundled script is read-only but its JSON output logic is slightly buggy and example paths may be hardcoded), (2) Only allow the agent to execute commands you explicitly approve — logs and config files contain sensitive data, and many commands require elevated permissions, (3) Test in a non-production environment before following any high-risk remediation steps, and (4) If you need to limit data exposure, run the script locally and share only the sanitized output with the agent rather than giving it direct execution rights or network access.
Review Dimensions
- Purpose & Capability (ok): Name/description, SKILL.md content, reference docs, and the included scripts all align with an SRE/operator workflow. There are no unexpected environment variables, external services, or unrelated binaries required.
- Instruction Scope (note): Instructions legitimately direct the agent to read system information, logs, and configuration files (expected for ops). Note: those reads can reveal sensitive data (IPs, user lists, config contents, logs); the skill repeatedly stresses safety and confirmation before destructive actions, but users should be aware of the data the agent will access if commands are run.
- Install Mechanism (ok): No install spec (instruction-only plus a bundled script) — no downloads or third-party package installs. This minimizes install-time risk.
- Credentials (ok): The skill requires no environment variables, credentials, or config paths beyond normal system reads. That is proportionate to its stated diagnostic/ops purpose.
- Persistence & Privilege (ok): `always` is false and the skill does not request persistent system-wide changes or attempt to modify other skills. It can be invoked by the agent (normal), but it does not declare elevated platform privileges.
