Skill v1.0.0

ClawScan security

incident-postmortem · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 11, 2026, 12:47 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements are coherent with a postmortem/log-parsing tool: it reads local logs/JSON, parses events, and produces reports without requesting secrets or performing network I/O.
Guidance
This package appears to be a straightforward, local postmortem/report generator that reads log files and JSON incident data and produces Markdown/HTML/JSON output. Before installing or running it: (1) review the included scripts (scripts/generate_postmortem.py) yourself — it is bundled and readable; (2) run it with least privilege and avoid pointing it at log files that contain sensitive secrets you don't want processed or stored in generated reports; (3) test on non-production copies of logs if possible; (4) note the listed $59 price in STATUS.md if you’re obtaining it commercially. No network calls or credential requests were found in the provided files, but inspect any updated/remote versions before use.

Review Dimensions

Purpose & Capability
ok
Name/description (postmortem, log parsing, blame-free language) match the included script and documentation. Examples, CLI flags, and templates align with a report generator that ingests logs and JSON timelines.
Instruction Scope
ok
SKILL.md instructs the agent to read logs, timeline JSON, and incident JSON and to run the included Python script; those operations are appropriate for the stated purpose. The instructions do not ask for unrelated system data or external endpoints.
Install Mechanism
ok
There is no install spec (instruction-only packaging) and the implementation claims to use only the Python standard library. No external downloads or archive extraction are present in the package metadata.
Credentials
ok
The skill requests no environment variables, no credentials, and no config paths. Its file I/O (reading log files and JSON incident files) is proportional to a log-parsing postmortem tool.
Persistence & Privilege
ok
The skill is not always-enabled and does not request elevated or persistent system privileges. It runs as an on-demand CLI utility and does not modify other skills or global agent settings.