Skillv0.1.0

ClawScan security

Aibrary 100 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 5, 2026, 12:22 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only skill that provides a curated book list and its runtime instructions, and its declared requirements and behavior are consistent with that purpose.
Guidance: This skill is coherent and low-risk: it only contains a curated list and instructions for presenting it. Before installing, consider that the source/homepage is unknown (no publisher link), so: 1) confirm you trust the owner if provenance matters; 2) the skill may personalize responses using whatever user context the agent already has — don’t feed sensitive credentials or private data when asking for recommendations; 3) if you expect the most up-to-date or licensed content (e.g., full book excerpts), verify where the text comes from because SKILL.md only shows short descriptions; and 4) if you prefer skills from identifiable publishers, look for a version with a known homepage/owner. Overall, the skill appears to do what it says.

Purpose & Capability: okName/description match the instructions: the skill is a curated reading list and asks for no binaries, env vars, installs, or external credentials — all proportional to delivering book recommendations.
Instruction Scope: okSKILL.md limits behavior to presenting categories, filtering, brief descriptions, personalization from user-provided context, and language detection. It does not instruct reading local files, accessing unrelated env vars, or contacting external endpoints.
Install Mechanism: okNo install spec and no code files — the skill is instruction-only so nothing is written to disk or fetched at install time.
Credentials: okNo environment variables, credentials, or config paths are requested; the lack of secrets is appropriate for a read-only recommendation list.
Persistence & Privilege: okalways is false and model invocation is allowed (platform default). The skill does not request elevated persistence or system-wide changes.