Skill v2.0.0

ClawScan security

Idiom Dictionary · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 17, 2026, 6:49 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and runtime instructions match its stated purpose (a small offline Chinese idiom utility); it requests no credentials, makes no network calls, and its filesystem activity is limited to a user-scoped data directory.
Guidance
This skill appears coherent and low-risk: it contains only small shell scripts and an inline Python snippet implementing a 20-entry idiom dictionary and a simple local DB. Before installing, note it will create and write files under ~/.local/share/idiom-dictionary (or the directory you set via IDIOM_DICTIONARY_DIR). No network access or credentials are required. If you prefer, set IDIOM_DICTIONARY_DIR to a sandbox folder you control, inspect the files (scripts/*.sh) yourself, and remove the data directory after use.

Review Dimensions

Purpose & Capability
ok: Name/description match the included scripts and SKILL.md. The two included shell scripts implement searching, listing, random selection, and a small local DB — all consistent with a local idiom dictionary/utility.
Instruction Scope
ok: SKILL.md only documents commands and usage and mentions optional IDIOM_DICTIONARY_DIR. It does not instruct the agent to read unrelated secrets, contact external endpoints, or perform broad system scans.
Install Mechanism
ok: No install spec (instruction-only skill with bundled scripts). No downloads or external installers are used; the bundled scripts are plain shell and an inline Python snippet.
Credentials
note: No environment variables or credentials are required. The script defaults to writing data under ~/.local/share/idiom-dictionary (or $XDG_DATA_HOME). This is proportionate for a local data store but will create history.log and data.log files in the user's data directory.
Persistence & Privilege
ok: always is false and the skill does not request elevated privileges or modify other skills. The skill can run autonomously by default (platform default) but there are no additional persistence or privilege escalations requested.