Skill v1.0.0
ClawScan security
Music Education Research Writing Assistant (music-education-research-writer) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 27, 2026, 4:06 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, templates, and runtime instructions are consistent with a literature-synthesis and research-writing assistant and do not request disproportionate privileges, network access, or secrets.
- Guidance: This package appears coherent and focused on processing user-supplied research material. Before installing, confirm you will only provide data via an explicit research_corpus or iMA-export folder (the skill is designed to read only those). The included scripts are benign tooling for packaging/validation — they will run only if you execute them locally. If you plan to run the skill in an environment that allows the agent to access local files, ensure the agent is only given access to the intended folder(s) (research_corpus or an exported iMA folder) and not broader filesystem or secret stores. If you want extra assurance, review the SKILL.md 'When not to use' and 'Security statement' sections and test the skill with a small, non-sensitive corpus first.
Review Dimensions
- Purpose & Capability: ok. The skill name and description match the included templates, examples, and SKILL.md workflow: everything is focused on synthesizing user-provided research corpora into literature reviews, models, and gap analyses. The included helper scripts (package_skill.py, validate_skill.py) are build/validation utilities appropriate for packaging and checking the skill; they do not contradict the stated purpose.
- Instruction Scope: ok. SKILL.md explicitly limits data access to user-provided iMA export folders or a local research_corpus folder, forbids automatic uploads/downloads, shell execution, and reading of API keys/cookies. The runtime instructions therefore stay within the stated purpose and do not direct the agent to read unrelated system files or exfiltrate data.
- Install Mechanism: ok. There is no install spec (instruction-only behavior plus packaging/validation scripts). No remote downloads, third-party install steps, or extract-from-URL installers are present in the package, which is low risk.
- Credentials: ok. The skill does not request any environment variables, credentials, or privileged config paths. SKILL.md also documents that it should not read API keys, tokens, browser data, or other secrets.
- Persistence & Privilege: ok. The skill is not marked always:true and does not request persistent elevated presence. It contains no mechanisms to modify other skills or system-wide agent settings; the included scripts are packaging/validation utilities scoped to the skill directory.
