Skill v1.0.0

ClawScan security

Trim · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 21, 2026, 3:19 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and runtime instructions match its stated purpose (a local reference/help tool for trimming data) and it does not request credentials or install external software, but a pre-scan flag for unicode control characters in the SKILL.md lowers confidence and warrants a quick manual check.
Guidance
This skill appears coherent and limited in scope: it runs the included script that prints trimming guidance and does not require credentials or network access. Before installing, inspect the raw SKILL.md for invisible/zero-width characters (they were flagged) to ensure there is no hidden text or instructions. If you let agents invoke skills autonomously, run the script in a sandbox or review its output first. If you need higher confidence, request the repository's raw files (git URL) or view the SKILL.md and scripts/script.sh bytes to verify there are no obfuscated commands or external calls.
Findings
[unicode-control-chars] unexpected: The SKILL.md contained unicode control / zero-width characters flagged by the scanner. This is not necessary for a documentation/reference skill and could be used to hide text or attempt prompt injection. The bundled script itself appears benign and prints help text only.

Review Dimensions

Purpose & Capability
ok
Name/description describe data-trimming guidance; the SKILL.md commands map directly to the included scripts/script.sh which prints reference text. There are no unrelated required binaries, env vars, or permissions.
Instruction Scope
ok
Runtime instructions only invoke the bundled scripts/script.sh commands (intro, string, numeric, text, database, signal, examples, pitfalls, help, version). The script prints guidance text and does not read other files, call external endpoints, or request extra system state. SKILL.md documents a TRIM_DIR config variable, but the provided script does not use it.
Install Mechanism
ok
No install spec; the skill is instruction-only with a single bundled shell script. Nothing is downloaded or extracted at install time.
Credentials
note
The skill declares no required environment variables or credentials. The SKILL.md documents an optional TRIM_DIR variable (default ~/.trim/) which is informational only; the script does not use or require it. A pre-scan detected unicode-control-chars in SKILL.md (see scan findings) which could be an attempt to hide or obfuscate content — this is not expected for a static reference document.
Persistence & Privilege
ok
always is false and the skill does not request elevated or persistent privileges. Autonomous invocation is enabled by default (normal behavior) but the skill itself does not add broader privileges.