Skill v1.0.0

ClawScan security

flow-monitor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 8:31 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's behavior is consistent with its description: it parses a local execution log to produce a recent trace and token estimates, and it does not request credentials, install code, or make network calls.
Guidance
This skill appears to do what it claims and does not contact external servers or request credentials. Before installing: (1) verify whether a claw_execution.log file exists in the agent's working directory and inspect its contents for sensitive data (API keys, tokens, PII), because the script will read from it; (2) consider running scripts/trace.sh manually to see sample output and confirm it meets your needs; (3) note the script only examines the last 15 'Calling tool' lines and may produce malformed JSON if log lines contain quotes or unusual characters; (4) if you are concerned about exposing logs, run the skill in a sandboxed environment or copy a sanitized log for testing.

Review Dimensions

Purpose & Capability
note: The name/description match the included script and SKILL.md: the tool extracts execution-trace lines and computes latencies/token estimates. Minor inconsistency: SKILL.md does not explicitly state that a local file named claw_execution.log must exist (config.json and scripts/trace.sh reference it).
Instruction Scope
note: Runtime instructions are limited to running get_trace (bash scripts/trace.sh) and visualizing results. The script reads a local log file (claw_execution.log) and extracts the last 15 lines with 'Calling tool' — this is within the stated purpose but means the skill will expose whatever is in that log (potentially sensitive data). The script also prints unescaped fields into JSON which could produce malformed JSON for unusual log contents.
Install Mechanism
ok: No install specification or external downloads; this is an instruction-only skill with a small included shell script — low install risk.
Credentials
ok: The skill requests no environment variables or credentials. Its only resource access is a local log file (claw_execution.log), which is coherent with the stated purpose but may contain unrelated sensitive information.
Persistence & Privilege
ok: No elevated persistence requested (always:false). The skill does not modify system or other skills' configurations.