Skill v1.0.0
ClawScan security
policy-application-checker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 6:02 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are consistent with its described purpose (producing checklists/plans from user-supplied policies); it is local, auditable, and does not request unrelated credentials or network installs.
- Guidance: This skill appears coherent and local/auditable. Before using: (1) Inspect the small script (scripts/checklist_builder.py) yourself; it simply reads a JSON file you supply and writes a markdown checklist. (2) Avoid passing output paths that could overwrite important files. (3) Do not feed secrets or credentials into the skill; it processes the policy text you provide and does not declare networking, but be aware your agent/session could still send data externally depending on agent configuration. If you need absolute assurance, run the script locally on trusted inputs (e.g., python3 scripts/checklist_builder.py requirements.json) and review the generated checklist file.
Review Dimensions
- Purpose & Capability (ok): Name/description match the actual artifacts: SKILL.md, a small Python helper script, and a local template resource. The declared requirement (python3) is appropriate, and nothing in the package asks for unrelated system access or credentials.
- Instruction Scope (note): Runtime instructions are limited to reading user-provided policy/form text and producing a checklist, risk list, timeline, and evidence tracker. The bundled script reads a JSON file path supplied by the user and writes a markdown file, which is expected. Note: the script does not validate the JSON schema and will write to (or overwrite) whatever output file path is provided, so users should avoid passing untrusted paths or overwriting important files.
- Install Mechanism (ok): No install spec; the skill is instruction-only with a local helper script. No remote downloads, package installs, or obscure URLs. This is a low-risk, auditable delivery model.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The skill only requires python3, which aligns with the included script.
- Persistence & Privilege (ok): The always setting is false, and there are no signs the skill attempts to persist configuration or modify other skills. Autonomous invocation is allowed by default but is not unusually privileged here.
