Back to skill
Skillv0.1.0
ClawScan security
Self Driven · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 11, 2026, 11:12 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files and runtime instructions match its stated purpose (autonomous task selection, execution, evaluation, and logging) and it does not request unrelated credentials, installs, or external endpoints.
- Guidance
- This skill is internally consistent: it tells the agent to read and write two local files and to run periodically. Before installing, decide whether you want the agent to run autonomously on a schedule; verify the agent platform will not create system cron jobs without explicit permission; inspect or sandbox the memory/self-driven/ folder for sensitive data (avoid placing secrets there); and review any reports/logs the skill produces so you can stop or adjust its behavior if it starts doing things you don't expect.
Review Dimensions
- Purpose & Capability
- okName/description promise an autonomous self-driven loop; SKILL.md only requires reading/writing local memory files (memory/self-driven/tasks.md and log.md) and periodic triggering. There are no unrelated environment variables, binaries, or external services required, so the requested capabilities are proportional to the purpose.
- Instruction Scope
- noteInstructions are explicit about reading memory files, selecting and executing small tasks, evaluating results, and appending structured entries to log.md. The only scope-related note is that the skill advocates periodic autonomous triggering (cron every 30 minutes) — that increases activity frequency but is consistent with the stated goal. The instructions do not reference system-wide config, secrets, or external endpoints.
- Install Mechanism
- okNo install spec and no code files — instruction-only. This minimizes on-disk footprint and risk from third-party installs.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths and the runtime instructions do not attempt to access any other env vars or credentials. Requested access is limited to the local memory/* files described in the SKILL.md.
- Persistence & Privilege
- notealways:false (default) and disable-model-invocation:false (default). While autonomous invocation is the platform default and expected for this skill, the SKILL.md explicitly encourages scheduled, repeated execution (cron). That behavior is coherent with the purpose but increases operational persistence—confirm that scheduling is performed only with user consent and that the agent's ability to write to memory/ is acceptable.