Skill v1.0.0
ClawScan security
Customer Voice Synthesizer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 8:21 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, runtime instructions, and required tools are consistent with its stated purpose (local aggregation and structuring of customer voice data); it contains a local Python script that reads and summarizes supplied files and directories but does not access networks or request unrelated credentials.
- Guidance: This skill appears to do what it says: it locally ingests the files or directory you point it at and produces a structured brief. It does not require keys or network access. Main caution: the included script will read any files under the path you provide (including .py/.sh/.json/etc.), so do not pass broad system paths or directories containing secrets or sensitive data unless you want them scanned. Prefer feeding only the intended input files (or a sanitized copy), and run in a controlled environment. If you need automatic invocation, ensure the agent is restricted from selecting arbitrary filesystem paths.
Review Dimensions
- Purpose & Capability (ok): Name/description (aggregate verbatim user feedback and organize it by JTBD/stage) matches the included resources: a template, spec.json, examples, and a Python script that ingests files/directories and emits structured Markdown. Requiring only python3 is proportionate.
- Instruction Scope (note): SKILL.md restricts behavior (do not leak PII, produce reviewable drafts) and directs running scripts/run.py or using the local template. The script accepts files or directories and will recursively read many text file types (md, txt, json, csv, py, js, sh, etc.); if given a broad or system path it can read arbitrary local files. This is expected for a directory-audit mode but is a privacy/footprint consideration: avoid passing root/system paths or sensitive directories unless you intend that scan.
- Install Mechanism (ok): No install spec; instruction-only plus a local Python script requiring only the standard library. Nothing is downloaded or extracted and no external package installs are declared.
- Credentials (ok): The skill requests no environment variables, no credentials, and no config paths. That aligns with its described offline/local processing purpose.
- Persistence & Privilege (ok): always:false and no persistent installation hooks. The skill can be invoked autonomously (platform default) and may run the local script if environment allows, which is expected given its purpose. There is no attempt to modify other skills or system-wide agent settings.
