Back to skill
Skillv2.0.1
ClawScan security
Secret Sealer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 7:44 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- The skill appears to be a simple reference/documentation helper with no evidenced credential use, network access, persistence, or account-changing behavior.
- Guidance
- This skill looks low-risk based on the provided artifacts. It appears to provide static reference text only. Before relying on it, note that the content is generic and the script version differs slightly from the registry version, but these are quality/coherence issues rather than security concerns.
Review Dimensions
- Purpose & Capability
- okThe stated purpose is quick reference documentation for Secret Sealer concepts, and the included script only prints static help/reference text for the listed commands.
- Instruction Scope
- okThe instructions are limited to documentation lookup commands such as intro, quickstart, patterns, debugging, performance, security, migration, and cheatsheet.
- Install Mechanism
- okNo install specification is provided; the included shell script is consistent with a local reference command and does not show package installs, remote downloads, or automatic execution.
- Credentials
- okThe artifacts declare no required binaries, environment variables, credentials, config paths, or network access, which is proportionate for a static documentation skill.
- Persistence & Privilege
- okNo persistence, background operation, credential access, privilege escalation, or mutation of local/account data is evidenced in the supplied artifacts.