Back to skill
Skillv1.0.0
ClawScan security
personality-analysis-yang · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 11, 2026, 7:02 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, scope, and lack of installs/credentials are consistent with its stated purpose of analyzing personality from supplied text; it does not request unrelated privileges or secrets.
- Guidance
- This skill appears coherent and limited to analyzing text you provide. Before installing or using it, consider: (1) Privacy/consent — only analyze messages you are permitted to use and redact personal identifiers where appropriate. (2) Avoid using the output for decisions that affect someone's rights or employment; this is interpretive, not a clinical or legal diagnosis. (3) Be cautious with very short texts (the skill itself notes low confidence there). (4) If you will analyze many messages or third-party data, document consent and applicable policies/regulations. Otherwise the skill is technically benign and matches its stated purpose.
Review Dimensions
- Purpose & Capability
- okName, description, and SKILL.md all describe text-based personality analysis. The skill declares no binaries, env vars, or config paths, which is proportionate for the stated functionality.
- Instruction Scope
- noteInstructions are narrowly focused on analyzing user-provided text and include sensible guidelines (anchor claims to text, use probabilistic language, avoid diagnoses). They do not instruct reading system files or fetching external data. However, the nature of the task involves analyzing potentially sensitive personal messages — the SKILL.md does not mandate obtaining consent or redacting identifiers, which is an ethical/privacy consideration (not a technical incoherence).
- Install Mechanism
- okInstruction-only skill with no install spec and no code files, so nothing is written to disk or fetched during install.
- Credentials
- okNo environment variables, credentials, or config paths are requested, so there is no disproportionate access to secrets or external services.
- Persistence & Privilege
- okalways:false and no install means the skill does not request permanent presence or special privileges. The agent-autonomy default is unchanged; this is expected and not flagged alone.