Skillv2.1.1

ClawScan security

Change Management · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 10, 2026, 7:31 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only change-management playbook (templates and guidance) with no code, installs, or credential requests — its requirements align with its stated purpose.
Guidance: This skill is essentially a documentation/template bundle for running organizational changes — it does not install code or ask for credentials, so the technical risk is low. Before installing, consider: (1) review the wording of any communications the agent will draft to ensure they don't accidentally include sensitive or legally risky details; (2) validate HR/legal guidance for layoffs/reorgs before sending; and (3) remember that the playbook is generic — adapt timelines, escalation paths, and enforcement language to your company's policies and local laws.

Purpose & Capability: okThe name and description match the files: SKILL.md and a reference playbook containing ADKAR guidance, templates, timelines and scripts. There are no unexpected binaries, env vars, or configuration paths required.
Instruction Scope: okThe runtime instructions are documentation and usage guidance (when to use the playbook and what to recommend). They do not direct the agent to read system files, access environment variables, call external endpoints, or exfiltrate data.
Install Mechanism: okNo install specification and no code files — instruction-only. This minimizes on-disk execution risk and there are no download/extract steps to review.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. Requested privileges are proportionate (none) to the stated documentation purpose.
Persistence & Privilege: okalways is false and the skill is user-invocable; model invocation is allowed (platform default) but the skill has no autonomous side effects, persisting state, or cross-skill configuration changes.