Skill v2.0.0
ClawScan security
Cognitive Debt Guard · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 24, 2026, 2:59 AM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only code-review / safety framework that is internally consistent with its stated purpose and does not request credentials, installs, or unexpected system access.
- Guidance: This skill is coherent with its advertised purpose: it's an advisory/framework skill that doesn't request secrets or install code. Things to consider before enabling:
  1. The README suggests copying SKILL.md into agent-specific directories; perform those file writes yourself rather than allowing an unfamiliar agent to modify your home/workspace.
  2. The 'MEMORY.md open at all times' rule and the AI-free zones are organizational rules, not technical enforcements; decide whether those AI-free zones align with your project.
  3. The triggers are broad; if you don't want frequent automatic activations, restrict the skill's invocation or require manual invocation.
  4. The guidance is opinionated (strict PR size and test coverage rules); adapt thresholds to your team's needs.
  If you want lower friction, test the skill in a single repo or a limited agent role first.
Review Dimensions
- Purpose & Capability (ok): Name, description, and runtime instructions align: the skill provides human-centered review patterns, comprehension gates, and documentation templates. It requires no binaries, env vars, or installs, which is proportionate for an advisory / review skill.
- Instruction Scope (note): SKILL.md is focused on review workflows and policies (MEMORY.md template, comprehension gate, audit agenda, code-review layers). It includes guidance that can affect local files (Quick Start `cp` commands to place SKILL.md in agent-specific directories and a rule that MEMORY.md be kept open), which is reasonable for adoption instructions but means the agent/user may be advised to write files into home/workspace paths. The instructions do not request secrets or direct exfiltration, but they are prescriptive about developer behavior and repository practices.
- Install Mechanism (ok): No install spec or code to download; instruction-only skills present lower risk because nothing is automatically written/executed by an installer.
- Credentials (ok): The skill requests no environment variables, credentials, or config paths. All recommended artifacts (MEMORY.md, SKILL.md) are implementation guides and do not require secrets.
- Persistence & Privilege (note): `always: false` (normal). The skill lists broad trigger phrases (e.g., 'accept this', 'AI code', 'merge AI-assisted PR') and so may activate often if the agent is allowed to invoke skills autonomously. That autonomous invocation is the platform default; the combination of broad triggers and automatic invocation means you should confirm you want it to run automatically in your workflows.
