Back to skill
Skillv1.0.4
ClawScan security
Less Token · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 18, 2026, 9:58 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, text-to-text prompt-compression skill whose declared behavior, requirements, and instructions are internally consistent with its stated purpose.
- Guidance
- This skill appears coherent and low-risk: it's an instruction-only prompt-compressor that doesn't access files, credentials, or the network. If you install it, test it on non-sensitive sample prompts first to verify compressed outputs match your expectations. Be cautious about pasting sensitive or private content into any third-party LLM (the skill's docs recommend pasting into other AI services) — that risk is inherent to using external models, not to this skill itself. If you want extra assurance, ask the publisher for provenance (e.g., a reproducible repository release) or verify the linked GitHub/website before broad use.
Review Dimensions
- Purpose & Capability
- okName and description (prompt compression for summarization) match the provided SKILL.md and prompt.md. The skill requests no credentials, binaries, or installs — all proportionate to a simple text transformation utility.
- Instruction Scope
- okRuntime instructions are narrowly scoped to translating verbose summarization prompts into a compact I‑Lang syntax and to output the compressed line plus a short explanation. The docs do not instruct reading files, accessing environment variables, executing commands, or calling external services.
- Install Mechanism
- okThere is no install spec and no code files; the skill is instruction-only. This is the lowest-risk model and matches the 'no install / zero dependencies' claim.
- Credentials
- okThe skill requires no environment variables, no credentials, and no configuration paths — appropriate for a text-to-text translator that operates on prompts only.
- Persistence & Privilege
- okThe skill does not request always:true and does not ask to modify other skills or system settings. Autonomous invocation is permitted by platform default but is not combined with other concerning privileges.