Skill v1.0.0

ClawScan security

Daily Wisdom · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 15, 2026, 9:45 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is an instruction-only prompt pack for generating daily historical anecdotes; its requirements and behavior are generally coherent, with only minor mismatches around file and delivery configuration which the user should understand before enabling automation.
Guidance
This skill is mainly a set of prompts for an LLM to generate long, research-backed daily stories. It's coherent and low-risk compared with skills that download or run code, but before you enable automated runs you should: (1) be prepared to give the agent only limited filesystem access (a single history file) rather than broad disk access; (2) store any delivery channel credentials (WhatsApp/Telegram/Slack tokens) securely and only give the agent the minimum access necessary; (3) verify quote/transcription correctness yourself — the skill requires web search verification but LLMs can still hallucinate; (4) review initial outputs manually for factual accuracy and cultural sensitivity before allowing autonomous, recurring sends; and (5) if you plan to clone the repo or run a cron, follow the README steps yourself rather than trusting the agent to perform setup unless you trust its environment and permissions.

Review Dimensions

Purpose & Capability
note: Name/description match the content: the skill is a prompt system to generate daily wisdom. The skill claims automated delivery to channels (WhatsApp/Telegram/Slack/etc.) and a persistent history file to avoid repeats, but the registry lists no required config paths or credentials for delivery; that's a minor mismatch (the repo README explains the manual setup).
Instruction Scope
note: SKILL.md instructs the agent to (1) read and append a history file, (2) perform web searches to verify original-language quotes and facts, and (3) deliver output to configured channels. Those actions are consistent with the purpose but do expand the agent's runtime scope (file read/write and web/network access). The instructions explicitly forbid hallucinated quotes and require verification, which is a content-quality rule rather than a security control.
Install Mechanism
ok: This is instruction-only with no install spec or code files to execute; lowest-risk install posture. The README suggests cloning the repo for convenience, but there is no automated download/extract or third-party package install that would create risk.
Credentials
note: The skill declares no required environment variables or credentials, yet it references delivery to external channels (which in practice require API keys/tokens) and reading/writing a history file. The absence of declared config/credential requirements is not harmful but is a configuration gap users should address when enabling automated delivery.
Persistence & Privilege
ok: No elevated privileges requested. always is false and there's no install that persists system-wide state beyond the history file the skill itself uses. The skill expects to append to a history file in the agent workspace if automated, which is normal for this use case.