Skill v1.0.0

ClawScan security

add-educational-comments · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 9, 2026, 8:46 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only tool that adds explanatory comments to code files; its requested footprint (no installs, no credentials) matches its stated purpose and contains no obvious incoherent or risky requirements.
Guidance
This skill is instruction-only and internally consistent with its purpose. Before installing or invoking it: 1) Provide the target file(s) explicitly (or attach them in the chat) to avoid accidental workspace-wide operations. 2) Review the generated diff — the skill will often add large numbers of comment lines (up to 400), which can change file length and may affect tools that rely on exact line counts. 3) Verify that comments do not reveal sensitive data from the code (e.g., credentials in example strings). 4) If you plan to let the agent run autonomously, consider restricting that capability until you've reviewed an initial output. If you want a stricter check, request the author to clarify how the skill selects files when multiple matches exist and to remove ambiguous wording like 'typed on the user's keyboard.'

Review Dimensions

Purpose & Capability
ok: Name/description match the instructions: the skill's goal is to add educational comments and the SKILL.md contains detailed rules and workflows for doing exactly that. It does not request unrelated binaries, credentials, or system paths.
Instruction Scope
note: The SKILL.md stays within the stated purpose and instructs the agent to preserve encoding/formatting and avoid breaking code. One notable constraint is the hard 125% line-count increase (bounded by 400 lines), which is a strong editorial requirement but not a security concern. The doc also includes the phrase 'Input data as if typed on the user's keyboard', which is atypical but appears intended to limit character usage rather than to exfiltrate data. The instructions do not tell the agent to read arbitrary system files, environment variables, or external endpoints.
Install Mechanism
ok: No install spec or code files are present (instruction-only). Nothing will be written to disk by an installer and no external packages are pulled in by the skill itself.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. There is no disproportionate credential access relative to the stated purpose.
Persistence & Privilege
ok: 'always' is false, the skill is user-invocable, and it does not request permanent presence or modify other skills or system-wide settings. Autonomous invocation is allowed by default but is not combined with other red flags here.