Back to skill
Skillv1.0.1
ClawScan security
task-queue-by-model-source · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 5, 2026, 3:36 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's declared behavior (file-based queues, per-source routing, cron/heartbeat and subagent dispatch) matches the resources it asks to use; nothing requested appears unrelated to its purpose.
- Guidance
- This skill is coherent with its stated purpose, but it will create and manage files under ${MODEL_QUEUES_DIR}, append an entry to HEARTBEAT.md, and register a periodic cron/heartbeat job to run the dispatcher. Before installing: (1) set MODEL_SOURCE_* mappings and MODEL_QUEUES_DIR in your TOOLS.md; (2) review HEARTBEAT.md after first run to confirm the appended entry is acceptable; (3) ensure you are comfortable with the skill spawning subagents (it will create sessions to run tasks); and (4) place MODEL_QUEUES_DIR somewhere appropriate (not a directory containing sensitive secrets). If you do not want persistent cron jobs or changes to HEARTBEAT.md, do not enable this skill.
Review Dimensions
- Purpose & Capability
- okName/description (multi-queue orchestration) align with requested capabilities: reading/writing queue files, spawning subagents, registering a cron/heartbeat entry. The declared permissions (filesystem, cron, subagents) are appropriate for a local queue/dispatcher system.
- Instruction Scope
- noteRuntime instructions operate on ${MODEL_QUEUES_DIR}, read/append HEARTBEAT.md, create queue JSON files, and call a cron tool to register a backup job; these actions are consistent with the documented queue lifecycle but do modify user files and register a periodic job, so users should expect persistent changes to their agent environment.
- Install Mechanism
- okInstruction-only skill with no install spec and no external downloads — lowest-risk delivery. Nothing is written other than the queue files the skill itself creates at runtime.
- Credentials
- okThe skill does not request environment variables, cloud credentials, or unrelated secrets. It does rely on TOOLS.md keys (MODEL_SOURCE_* and MODEL_QUEUES_DIR), which are appropriate and documented.
- Persistence & Privilege
- noteThe skill asks to register a heartbeat entry and a cron backup job and to create persistent queue files; these are necessary for its dispatcher mode but are persistent changes. always:false (not force-included) and no cross-skill config editing are present.