Back to skill
Skillv1.0.0
ClawScan security
李继刚认知工具箱 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 11, 2026, 3:10 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only skill that bundles 11 prompt-based cognitive tools; its required footprint (no installs, no env vars) aligns with its stated purpose and I found no incoherent or disproportionate requests.
- Guidance
- This skill is essentially a packaged set of system prompts — generally low-risk. Before installing, consider: 1) test a few triggers to confirm the outputs match your expectations and that references to external models/databases behave as intended; 2) if you plan to produce official government-style documents, review outputs for legal/ethical appropriateness (the "公文笔杆子" prompt enforces "政治正确" and strict formatting); 3) verify the claimed GitHub source if provenance/licensing matters to you (SKILL.md references github.com/lijigang/prompts); 4) ask the author to clarify ambiguous constraints such as "只输出数据库已有信息" so you know what internal data the skill may rely on. If you need guarantees about data handling or provenance, request explicit documentation from the publisher before use.
Review Dimensions
- Purpose & Capability
- okName/description (a toolbox of 11 cognitive/prompt templates) matches the provided files: a SKILL.md and 11 prompt files. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope
- noteAll runtime instructions are prompt templates and usage guidance; they stay within cognitive/analysis/writing tasks. A few small ambiguities exist: some prompts reference model names (e.g., "Claude Sonnet") and one prompt (逻辑之刃) contains the constraint "只输出数据库已有信息" ("only output database-existing information") — it's unclear what "database" refers to in the agent context. Otherwise prompts do not instruct reading system files, contacting external endpoints, or exfiltrating data.
- Install Mechanism
- okNo install spec and no code files — instruction-only. This is the lowest-risk install mechanism and consistent with the skill's stated behavior.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. The prompts do not require external API keys. Requested access is proportionate to an instruction-only prompt library.
- Persistence & Privilege
- okalways is false and disable-model-invocation is false (normal). The skill does not request permanent system changes, nor does it indicate altering other skills or agent configuration beyond injecting system prompts at runtime.