Skill v2.0.1
ClawScan security
Dotfiles · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 18, 2026, 10:42 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and instructions match its stated purpose of local logging/management of dotfiles and do not request external credentials or network installs, but it writes and exports arbitrary user-provided content to local log files (no sanitization), so avoid logging secrets or sharing exports without review.
- Guidance: This skill appears to do what it says and has no network or credential requests. Things to consider before installing: 1) All data is stored under ~/.local/share/dotfiles; inspect or back up that directory if you care about privacy. 2) The tool will happily record arbitrary text you pass to it; do not log passwords, API keys, or other secrets into these logs. 3) The JSON export simply injects raw values into JSON (no escaping), so exported files can be malformed or leak structure-sensitive content if logs contain quotes/newlines; review exports before sharing. 4) If you want extra safety, review the script locally and/or run it in a restricted account/container. 5) Note a minor metadata/version mismatch in SKILL.md vs registry (cosmetic). Overall the skill is coherent and self-contained; use caution around what you log and export.
Review Dimensions
- Purpose & Capability [ok]: The SKILL.md and the included scripts implement a local logging/backup/monitoring tool that stores per-command logs under ~/.local/share/dotfiles. Nothing in the code requires cloud credentials, unrelated binaries, or other system-wide access beyond standard filesystem and POSIX utilities — consistent with the described purpose.
- Instruction Scope [note]: Runtime instructions and the script are scoped to local logging, search, export, and status operations. There is no network I/O or access to other system configuration paths. However, the tool appends arbitrary user input directly into log files and uses simple printf/echo to produce JSON exports without escaping values; this can produce malformed or unsafe exports if logs contain quotes/newlines or sensitive data. Also, some minor shell-pipeline behaviour (e.g., counting matches in a piped while loop) is a quality issue but not a security breach by itself.
- Install Mechanism [ok]: No install spec or remote downloads are present; the skill is instruction-only with a single local shell script. Nothing is fetched from external URLs at install time, minimizing supply-chain risk.
- Credentials [ok]: The skill requests no environment variables, no credentials, and only uses standard POSIX utilities. This is proportionate to its function.
- Persistence & Privilege [ok]: The skill is not force-enabled (always: false) and is user-invocable. It does not modify other skills or system-wide agent settings. Its only persistent state is local files under ~/.local/share/dotfiles, which is appropriate for a logging/backup tool.
