Back to skill
Skillv1.0.0
ClawScan security
Structure Thinking · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 3, 2026, 12:20 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only skill for structured problem analysis; it contains guidance and templates only and requests no installs, credentials, or file/system access.
- Guidance
- This skill is a set of templates and step-by-step guidance for structuring messy problems and appears internally consistent. Before installing, confirm that you understand it will ask for context (metrics, owners, constraints) — it does not itself access your systems or secrets. If you plan to let the agent access external data sources (databases, monitoring, or files) to populate metrics, make sure those data-accessing skills/tools are authorized and reviewed separately. If you prefer the agent not to invoke skills autonomously, consider disabling autonomous invocation at the agent/platform level.
Review Dimensions
- Purpose & Capability
- okThe name/description (structured problem analysis, system mapping, hierarchical logic) matches the SKILL.md and reference files. All included materials are guidance, templates, and examples that support the stated purpose.
- Instruction Scope
- okRuntime instructions are limited to asking for user inputs, building models, and producing templates/memos. They do not instruct the agent to read system files, call external or hidden endpoints, access environment variables, or exfiltrate data. Prompts reference metrics and trends but expect the user or agent context to provide those, which is appropriate for this type of skill.
- Install Mechanism
- okNo install spec and no code files that execute. Instruction-only skill — nothing is downloaded or written to disk as part of installation.
- Credentials
- okThe skill declares no required environment variables, no credentials, and no config paths. There are no unexplained secrets or cross-service credentials requested.
- Persistence & Privilege
- okalways:false (not force-installed) and disable-model-invocation:false (normal — agent may invoke the skill when eligible). The skill does not request persistent system changes or modify other skills' configs.