Back to skill
Skillv1.0.1
ClawScan security
Deepagents Architecture · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 22, 2026, 4:09 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only architecture guide and its requirements, examples, and instructions are consistent with that purpose.
- Guidance
- This is an architecture guideline only — it doesn't ask for credentials or install code itself and appears coherent. Before using recommendations in a running agent, review any code you copy from the guide: backend/middleware choices can enable file reads, disk persistence, or command execution (e.g., FilesystemBackend or middleware with an 'execute' tool). Only grant your agent the minimal tools and environment variables it truly needs, avoid pasting secrets into prompts, and review any runtime configuration that binds to the filesystem or external stores.
Review Dimensions
- Purpose & Capability
- okName/description (Deep Agents architecture guidance) match the SKILL.md content: design guidance, decision trees, and code examples for backends, subagents, and middleware. There are no unrelated credential or binary requirements.
- Instruction Scope
- noteSKILL.md stays within architectural guidance and example code; it does not instruct the agent to read local secrets or call external endpoints. Note: examples reference filesystem/backends and an 'execute' middleware/tool — these are sample configurations that, if implemented by the user, may enable file/command execution, but the skill itself does not perform those actions.
- Install Mechanism
- okNo install spec or code files are present (instruction-only), so nothing is written to disk or downloaded by the skill itself.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths; the content's references to storage/backends are conceptual and do not request secrets.
- Persistence & Privilege
- okalways is false and the skill is user-invocable; it does not request persistent/privileged presence or modify other skills or system-wide config.