Skill v1.0.0
ClawScan security
Redline Contract · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 2:05 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and resource files are internally consistent with a DOCX paragraph-level redlining tool and do not request unrelated credentials or external network access.
- Guidance: This appears to be a straightforward local DOCX redlining tool. Before installing or running it:
  1) Review the provided scripts (you already have them) and run them on copies of your contracts rather than originals.
  2) The tool operates locally and does not include network calls, but ensure your environment's Python packages (e.g., lxml/python-docx) are installed from trusted sources.
  3) Confirm outputs (.review.json, amended .docx, risk-report.docx) look correct and that tracked changes are accurate.
  4) If you have strict data-handling requirements, run the script in a sandboxed environment or on an isolated machine.
  5) Note a minor mismatch in the script's dependency error message (it mentions python-docx when it imports lxml); this is likely a documentation slip, not malicious behavior.
Review Dimensions
- Purpose & Capability: ok. Name/description (paragraph-by-paragraph redlines, risk reports, .review.json) matches the included script and SKILL.md workflow; required resources (none) are proportionate.
- Instruction Scope: ok. SKILL.md instructs the agent to run the included Python script on local DOCX files and to edit the produced .review.json; the runtime instructions focus on reading/writing DOCX and JSON and do not ask the agent to read unrelated system files, environment variables, or send data to external endpoints.
- Install Mechanism: ok. Instruction-only skill with a bundled script; there is no install spec, no network downloads, and no unusual install locations. The script depends on Python libraries (lxml / python-docx) which are typical for DOCX manipulation.
- Credentials: ok. The skill declares no environment variables, no credentials, and no config paths. The code operates on user-supplied input/output paths only, which is appropriate for the stated purpose.
- Persistence & Privilege: ok. Flags show normal defaults (always: false); the skill does not request permanent/privileged platform presence or attempt to modify other skills or global agent settings.
