Skill v1.0.0

ClawScan security

Attorney · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 9, 2026, 8:22 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only legal-advice-assistant whose declared files, runtime instructions, and requirements are coherent with its stated purpose and do not request unusual system access or credentials.
Guidance
This skill appears coherent and low-risk in terms of system access, but keep in mind: (1) it is not a substitute for licensed legal advice — use it to prepare questions and triage, then consult an attorney for binding guidance; (2) legal matters often involve highly sensitive personal data, so avoid pasting more than necessary into any third-party logs or long-term agent history — review your agent's data retention and sharing settings before using; (3) verify the author/source if you want provenance (skill.json lists AGIstack and a homepage URL, but the registry source was unknown); (4) the heartbeat triggers can cause proactive prompts — if you don't want automatic checks, disable or limit the skill's autonomous triggers in your agent settings. If you need higher assurance about jurisdiction-specific advice, prefer a local licensed attorney.

Review Dimensions

Purpose & Capability
ok
Name, description, skill.json capabilities, and SKILL.md content all align: the skill provides need-assessment, attorney-matching, consultation prep, fee explanation, and matter monitoring. No unexpected binaries, credentials, or unrelated capabilities are requested.
Instruction Scope
note
SKILL.md contains detailed guidance and heartbeat triggers (immediate/weekly/pre-meeting/on-document/annual). Instructions stay within the domain of legal guidance and preparation and do not instruct the agent to read system files, call unknown endpoints, or access environment variables. Note: the heartbeat triggers imply the agent may proactively surface legal-related prompts; this is scope-related behavior but consistent with the skill's purpose.
Install Mechanism
ok
No install spec and no code files to execute — instruction-only. This minimizes on-disk risk and there are no external downloads or package installs.
Credentials
ok
The skill declares no required environment variables, credentials, or config paths. Nothing requests access to unrelated services or secrets; environment/credential demands are proportionate (none).
Persistence & Privilege
note
always:false and user-invocable:true. The skill may be invoked autonomously by the agent (platform default), and the heartbeat semantics mean it is intended to run periodic checks — this is appropriate for matter monitoring but users should be aware of automatic triggers. The skill does not request elevated system privileges or modify other skills.