Back to skill
Skillv1.0.0
ClawScan security
Defense · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 9, 2026, 8:40 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions and manifest are coherent with a legal-defense guidance purpose and it requests no credentials, binaries, or installs — the footprint is instruction-only and proportional to its stated function.
- Guidance
- Security and practical notes before installing: (1) Technical risk is low — this is instruction-only with no installs or secret access — but verify the publisher (skill.json lists author 'AGIstack' and a homepage URL) if provenance matters to you. (2) This is general legal guidance, not a substitute for a licensed attorney in your jurisdiction; laws and procedures vary. (3) The examples and prompts invite sharing highly sensitive facts; avoid pasting privileged communications or unnecessary personally identifying information into the agent, especially if you already have counsel (attorney-client privilege considerations). (4) If you rely on the skill for high‑stakes decisions, confirm recommendations with a qualified lawyer and do not treat the skill's output as legal advice.
Review Dimensions
- Purpose & Capability
- okThe name, description, and declared capabilities match the SKILL.md content (criminal, civil, regulatory defense guidance, working with counsel, preservation checklists). There are no unrelated requirements (no cloud creds, no unrelated binaries).
- Instruction Scope
- okThe runtime instructions are prose guidance, examples, and heartbeat prompts. They do not instruct the agent to read local files, access environment variables, call external endpoints, or exfiltrate data. The prompts ask users to provide case facts (expected for a guidance skill).
- Install Mechanism
- okNo install spec and no code files — instruction-only. This minimizes the risk of arbitrary code execution or hidden downloads.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. Nothing in SKILL.md attempts to access secrets or other services.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. It does not request persistent system privileges or modify other skills/configurations. Autonomous invocation defaults are unchanged and acceptable here.