Skill v1.0.0

ClawScan security

my-mind Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 26, 2026, 11:43 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
This is an instruction-only skill for creating and organizing a local my-mind directory structure and managing markdown notes; its declared requirements and instructions are coherent with that purpose and it asks for no credentials or installs.
Guidance
This skill appears coherent and low-risk: it will create and move files under whatever workspace/directory you let it control. Before enabling or running it: (1) run it in a dedicated or backed-up directory to avoid accidental moves/deletes; (2) confirm whether the agent will run git operations (local commit vs. push to remote) — the SKILL.md mentions '提交代码' (commit code) but does not show push commands; avoid granting network push rights if you don't want remote writes; (3) keep autonomous invocation disabled if you prefer manual control over file operations; (4) review any generated README or scripts the first time the skill runs; and (5) if you plan to integrate with remote services (Notion, Obsidian sync), add explicit, minimal credentials only when you understand what operations are performed. Overall, no credentials, installs, or external endpoints are required by the skill as provided.

Review Dimensions

Purpose & Capability
ok: The name/description promise note/asset/article management and the SKILL.md contains step-by-step guidance to create directories, create and move markdown files, and organize assets, all consistent with the stated purpose. Minor note: the instructions refer to '提交代码' (commit code) during initialization, which implies use of git, but no git binary is explicitly declared; this is plausible (git is commonly available) and not disproportionate.
Instruction Scope
ok: The instructions are focused on filesystem operations within a my-mind workspace (create directories, write markdown files, move/rename assets, prompt user confirmations). They do not instruct reading unrelated system files, exfiltrating data, or calling external endpoints. The skill asks agents to confirm before moving assets and before publishing. There is no vague 'gather whatever context you need' language.
Install Mechanism
ok: No install spec and no code files are included (instruction-only). This is low risk: nothing will be downloaded or written by an installer. The README suggests cloning the repo into local skills directories, which is typical and not inherently risky.
Credentials
ok: The skill declares no required environment variables, no credentials, and no config paths. That matches the local file-management functionality. The README mentions integrations (Obsidian, Notion) only as compatible tools, but no API keys or integrations are required by the skill itself.
Persistence & Privilege
ok: 'always' is false and the skill is user-invocable. It requests no persistent privileges, does not modify other skills' configs, and does not require system-wide changes. Its actions are confined to user workspace paths described in the README/SKILL.md.