Skill v1.0.0

ClawScan security

AI Tutor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 11:48 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill is coherent with its stated purpose (an AI tutor that personalizes and persists student progress); it saves student profiles to disk and does not request external credentials, but there are modest implementation issues (hard-coded filesystem path, unspecified TTS/graphics tooling, and local data persistence) you should review before installing.
Guidance
This skill appears to do what it says: tutoring with local student profiles. Before installing, consider the following:

(1) The Python script writes JSON files to a hard-coded path (/Users/josephauto/...). That path is unusual and not configurable; change DATA_DIR to a safe, per-agent or per-user location (or make it configurable via an environment variable) before use.

(2) The skill will persist student data locally; review what information you will store and ensure appropriate file permissions and data retention policies (especially for minors).

(3) The prompts mention using a TTS tool and a drawing tool but don't specify which services. Verify which local or external tools the agent will call and whether those tools require network access or credentials.

(4) The script's mkdir lacks parents=True; on systems without that exact path it may fail. Adjust it to create a configurable directory safely.

If you cannot or will not modify the code, run the skill in a sandboxed environment and inspect the DATA_DIR and outputs before using with real student data.

Review Dimensions

Purpose & Capability
ok: Name/description match the included artifacts: prompts define tutoring behavior and the Python script implements student profile storage, progress recording, and retrieval, all expected for a tutoring skill that maintains continuity.
Instruction Scope
note: SKILL.md and prompts stay on-topic (assessment → teach → record → review). They instruct using 'tts' and a 'drawing tool' without specifying which binaries/endpoints; that is functional but vague and grants the agent discretion to call whichever local tools are available.
Install Mechanism
ok: There is no install spec (instruction-only), and only one small Python utility is included. Nothing is downloaded from external URLs and no packages are installed by the skill itself.
Credentials
concern: The script requires no env vars or external credentials (good), but it uses a hard-coded absolute DATA_DIR: /Users/josephauto/.openclaw/workspace/tutor_data. This is odd (references a specific username) and non-configurable, which could cause data to be written to an unexpected location or fail on systems where that path doesn't exist. There is no option to override via env var.
Persistence & Privilege
note: The skill persists student profiles as JSON on the local filesystem under the DATA_DIR. always:false (normal). Persisting student data is consistent with the stated feature (course continuity) but raises privacy considerations: the skill will store potentially sensitive student info locally.