Back to skill
Skillv0.1.0
ClawScan security
Project Writing · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 16, 2026, 5:58 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is a narrowly scoped, instruction-only skill that only asks the agent to wrap main content in <ama-doc> tags and requests no credentials, installs, or filesystem access.
- Guidance
- This skill is low-risk and does only formatting (wrapping responses in <ama-doc> tags). Before installing, confirm where any template variables (like $DATE$ or $SESSION_GROUP_ID$) will be sourced from in your agent runtime so you know what data might be substituted. If you want to be cautious, test the skill in a safe environment and review the agent configuration that provides template values; otherwise this skill appears coherent and proportionate to its stated purpose.
Review Dimensions
- Purpose & Capability
- okThe name/description (project writing / wrap main content in <ama-doc> tags) matches the SKILL.md instructions and the skill does not request unrelated resources or permissions.
- Instruction Scope
- noteInstructions are narrowly scoped to applying <ama-doc> wrappers. The file mentions template variables (e.g., $DATE$, $SESSION_GROUP_ID$) without specifying their source; this is ambiguous but not itself harmful — verify where those substitutions come from in your agent runtime if you rely on them.
- Install Mechanism
- okNo install spec and no code files (instruction-only), so nothing is written to disk or fetched during install.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths — nothing disproportionate is requested for the stated purpose.
- Persistence & Privilege
- okalways is false and the skill does not request elevated or persistent system privileges. It uses the platform default of allowing autonomous invocation, which is normal for skills.