Plugin v0.1.1

ClawScan security

GwapScore Protocol (Trust Engine) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 17, 2026, 3:59 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and runtime instructions are internally consistent with a trust‑scoring protocol: it asks for no credentials, installs nothing, and only directs the agent to consult local policy and template files related to scoring and review.
Guidance
This skill appears coherent and documentation‑driven. Before installing or using it in production: verify the skill's provenance (who authored and maintains it), test its outputs in a sandbox, and ensure any integrations you build (partner webhooks, signed events) use secure, authenticated channels. Although the skill itself requests no secrets or installs, an agent using it may take actions based on its outputs — review enforcement decisions and manual‑review triggers before automating high‑impact flows. If future versions add install steps or request environment credentials, re‑evaluate immediately.

Review Dimensions

Purpose & Capability
ok: The name and description (GwapScore Protocol / trust engine) match the included templates, reference docs, and example payloads. All required artifacts (canonical events, attestation taxonomy, scoring model, templates) are present and appropriate for the stated purpose.
Instruction Scope
ok: SKILL.md is a deterministic, bounded set of instructions for ingesting events, converting to attestations, scoring, explaining, and triggering review. It only references local files included in the skill and does not instruct the agent to read unrelated system files, environment variables, or external endpoints.
Install Mechanism
ok: No install spec or external downloads exist; this is an instruction‑only skill with bundled documentation and templates. That minimizes on‑disk code execution risk.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. The operational guidance in SKILL.md does not attempt to access secrets or unrelated services.
Persistence & Privilege
ok: always is false and the skill does not request persistent or elevated platform privileges. It is user‑invocable and allows normal autonomous invocation (disable-model-invocation is false), which is expected for skills of this type.