Skill v1.0.3
ClawScan security
DeepThinking Framework · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 7:03 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and requested filesystem access are consistent with a local, stateful 'deep thinking' facilitator — it stores session state locally and has no obvious network exfiltration or unrelated credential requirements.
- Guidance: This skill appears internally consistent with its description, but it stores all session content and behavioral 'profiles' as plain text under ~/.deepthinking. Before installing or enabling it: (1) review the included scripts yourself (state.py, memory.py, evolve.py, tui.py) — source is unknown; (2) be comfortable that sensitive thoughts you enter will be written unencrypted to your home directory; (3) do not enable the suggested nightly cron job unless you want automatic local analysis to run on those files; (4) check pending proposals (evolution) before approving so new prompts/patches are consciously accepted; (5) consider running the skill in a sandbox account or VM if you want to limit exposure on a multi-user or production machine.
Review Dimensions
- Purpose & Capability (ok): Name/description match what the code and SKILL.md do: a stateful, multi-phase facilitator that persists session state. Declared requirements (python3, read/write access to ~/.deepthinking) map to the scripts' behavior and are proportionate to the stated purpose.
- Instruction Scope (note): SKILL.md instructs the agent to run the included Python scripts and to persist and consult data under ~/.deepthinking (state, engrams, semantic_profile). That is within scope, but the skill routinely writes plain-text user content to disk (engrams/logs/profile) and instructs the agent to 'absorb' semantic_profile without reprinting raw data — this grants the agent discretion over how to use stored personal material. Also the README suggests optionally scheduling a nightly cron job to run evolve.py; that would create recurring local activity if enabled.
- Install Mechanism (ok): There is no remote install/download step or external package install in the registry spec (instruction-only). The skill ships Python scripts which will run locally; no external network resources or unusual installers are referenced.
- Credentials (ok): The skill requests no environment variables or external credentials. It does require filesystem read/write permissions and a config path (~/.deepthinking), which are appropriate for a stateful local tool. Note: all stored data is plaintext under the user's home directory, which may contain sensitive personal content.
- Persistence & Privilege (note): Skill persists long-term state and memory in ~/.deepthinking and provides an evolution engine that can append prompt patches (only after human approval per the code). always:false (not force-included). The cron-job suggestion is optional but would create scheduled local activity if the user configures it. This persistence is expected given the design, but it increases the sensitivity of stored data and the importance of reviewing/controlling cron setup and pending proposals.
