Back to skill
Skillv2.0.0
ClawScan security
Converter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 11, 2026, 11:19 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's declared requirements, runtime instructions, and scope align with its stated purpose as a local-first conversion orchestrator.
- Guidance
- This skill appears coherent and local-first, but remember it will run host binaries and operate on your local files when invoked. Only enable it if you trust the agent and the host environment to run ffmpeg/pandoc/magick/soffice/7z safely. Verify those binaries are installed from trusted sources, and be cautious about converting DRM-protected or encrypted files — the skill says it won't bypass protections but will need explicit permission before any upload. If you want stricter control, require manual approval before execution or limit the skill's ability to access sensitive directories.
Review Dimensions
- Purpose & Capability
- okName/description match required binaries and capabilities. Declared dependencies (ffmpeg, pandoc, magick, soffice, 7z) are exactly the kinds of tools needed for the stated document/image/audio/video/archive conversions.
- Instruction Scope
- okSKILL.md is an instruction-only orchestrator that advises and runs local toolchains and returns conversion plans when tools are missing. It does not instruct the agent to read unrelated files, request unrelated credentials, or quietly upload data without consent. It explicitly requires explicit consent before any external upload.
- Install Mechanism
- okNo install spec and no code files — lowest-risk delivery. The skill relies on host-provided binaries rather than downloading or extracting code at install time.
- Credentials
- okNo environment variables, credentials, or configuration paths are requested. The declared footprint is minimal and proportional to a local conversion tool orchestrator.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. It does not request persistent or elevated privileges, nor does it modify other skills or system-wide settings.