Skill v1.0.0

ClawScan security

Aicodem skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 2:07 AM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, instructions, and requirements are coherent with its stated purpose of generating XMind (.xmind) files from test-case JSON and do not request unrelated credentials, network access, or elevated privileges.
Guidance
This skill appears to do what it claims: convert structured test-case JSON into a .xmind file using the included Python script. Before installing/using it: (1) review scripts/generate_xmind.py yourself (it runs locally and writes an output file in your working directory); (2) run it in a sandbox or with non-sensitive/example JSON first to confirm behavior; (3) ensure you have Python 3.6+ available; (4) verify any JSON inputs come from trusted sources (the script will read whatever file path you give it). There are no signs of network calls, secret access, or privilege escalation in the provided files.

Review Dimensions

Purpose & Capability
ok: Name/description advertise generating XMind test-case files; the package contains a Python script that reads JSON test data and writes a .xmind (ZIP) file. No unrelated env vars, binaries, or cloud credentials are requested.
Instruction Scope
ok: SKILL.md instructs the agent to call the included Python script or provide JSON input; instructions reference only input JSON and output .xmind files. There are no instructions to read unrelated system files, access external endpoints, or exfiltrate data.
Install Mechanism
ok: No install spec; this is instruction-and-script based and relies only on Python 3.6+ and standard library modules (zipfile, json, os, sys). No downloads from remote URLs or package registries are used.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. The code uses only standard-library modules and local file I/O consistent with producing an output file.
Persistence & Privilege
ok: always is false and the skill is user-invocable. It does not request persistent platform privileges or modify other skills/configuration.