Skillv0.1.0

ClawScan security

Discord Admin Elite · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 26, 2026, 9:25 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only skill that provides step-by-step Discord server administration guidance and does not request credentials, install code, or perform external actions — its requirements and instructions align with its stated purpose.
Guidance: This skill is a guidance/playbook for Discord server admins and appears internally consistent and low risk as-is. Important notes before installing/using: (1) It does not and cannot make changes to your server by itself — to apply recommendations you'll need appropriate Discord permissions or to authorize a bot via Discord OAuth; never share account passwords or raw tokens directly. (2) If a future workflow request from this skill asks you to provide API keys or bot tokens, verify the requesting skill/tool and only grant minimal scopes via Discord's OAuth flows. (3) Treat the output as advisory: validate any config changes (permissions, AutoMod rules, role scopes) in a test/staging server first to avoid accidental over-restriction. (4) Because this is instruction-only, there is no code execution risk from the skill content itself; exercise normal caution if you combine these instructions with other skills that do perform automated changes.

Purpose & Capability: okName/description match the contents: the skill provides audits, prioritized fixes, role-management, onboarding, moderation, engagement systems and templates. It does not declare or request unrelated binaries, env vars, or config paths.
Instruction Scope: okSKILL.md is guidance-only: it instructs the agent to produce audit scorecards, fix plans, and checklists and references public Discord docs. It does not direct the agent to read local files, access environment variables, or transmit data to unknown endpoints. The instructions are prescriptive (templates and steps) rather than open-ended.
Install Mechanism: okNo install spec or code files are present; the skill is instruction-only so nothing is downloaded or written to disk. This is low-risk.
Credentials: okThe skill requires no environment variables, credentials, or config paths. There are no disproportionate secret requests relative to the stated admin/design purpose.
Persistence & Privilege: okalways is false, and the skill contains no code that would modify agent settings or persist credentials. It does not request elevated or permanent privileges.