Skill v1.0.0
ClawScan security
Agent Reflect Engine · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 18, 2026, 8:45 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and instructions are consistent with its stated purpose (analyzing agent logs and suggesting patches); it has no network access or credential demands, though there are small documentation mismatches to note.
- Guidance: This skill appears to do exactly what it says: analyze log files and suggest patches. Before running: (1) fix or be aware of the filename mismatch in SKILL.md (the included script is tool.py), (2) review the included tool.py (already done here) and run it in a controlled environment, (3) only pass log files you intend to analyze (logs may contain sensitive secrets or PII), and (4) the tool has no network calls or credential use, but it will read any files you point it at and write the output file you specify — avoid writing to sensitive system paths.
Review Dimensions
- Purpose & Capability (ok): The description (analyze agent decision logs, detect hallucinations/repetition/inefficiencies, and suggest patches) matches the included Python code: the tool loads a log file and optional knowledge base, runs heuristic detectors, and emits a JSON report. The only minor mismatch is that SKILL.md examples reference 'agent_reflect_engine.py' while the included file is named 'tool.py' (the script's internal header matches the described tool).
- Instruction Scope (note): SKILL.md usage examples align with the script's CLI (log input, optional knowledge base, output file) and show piping for automation. However, the filename mismatch (agent_reflect_engine.py vs tool.py) is a documentation inconsistency you should resolve before running. The tool will read any filepath you pass as the log or knowledge base, so avoid passing unrelated or sensitive system files.
- Install Mechanism (ok): No install spec is provided (instruction-only plus an included Python script). That is low-risk: nothing is downloaded or installed automatically. Running the script will only execute the local Python code.
- Credentials (ok): The skill declares no environment variables, credentials, or config paths and the code does not read env vars or network endpoints. Requested access (reading the provided log and optional knowledge base files) is proportionate to its purpose.
- Persistence & Privilege (ok): The skill does not request persistent/system-level presence (always is false) and does not modify other skills or system config. It only reads files you explicitly provide and writes a report to stdout or a user-specified output file.
