Back to skill
Skillv2.0.0
ClawScan security
Empathic Trinity Core · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 7, 2026, 7:47 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- Instructions are coherent with the stated purpose: the skill only reads/edits workspace memory and agent config files to implement a memory architecture and does not request unrelated credentials or install external code.
- Guidance
- This skill appears to do exactly what it claims: read and rewrite workspace memory and agent config files to implement ‘Memory V8’. Before installing or running it: (1) review and back up AGENTS.md, MEMORY.md and any daily files so you can revert changes; (2) be aware the skill will ask for full tools/file permissions if it cannot read/write files — granting that lets it modify workspace files (which is required for its purpose); (3) if you share this workspace with other agents, note that changing AGENTS.md affects their memory-loading behavior; (4) run the skill in a test workspace first to confirm the edits match your expectations.
Review Dimensions
- Purpose & Capability
- okName/description promise a workspace memory reconfiguration; the SKILL.md only requires reading and rewriting workspace files (AGENTS.md, MEMORY.md, memory/*, SOUL.md, USER.md) and adjusting memory-loading behavior. No unrelated binaries, env vars, or external services are requested.
- Instruction Scope
- noteRuntime instructions explicitly direct the agent to read and modify workspace files (AGENTS.md, MEMORY.md, daily files, templates) and to inject a three-part memory structure. This is consistent with the claimed purpose but does grant the skill authority to change workspace agent configuration and long-term memory files; the skill also requires the agent to prompt for full 'tools' permission if it cannot read/write files, which elevates required runtime privileges.
- Install Mechanism
- okInstruction-only skill with no install spec and no code files. There is nothing downloaded or written to disk beyond the intended edits to workspace files, so install risk is minimal.
- Credentials
- okThe skill requests no environment variables, no credentials, and no external endpoints. All required artifacts are workspace-local files; the requested access is proportionate to its purpose of reconfiguring a workspace memory system.
- Persistence & Privilege
- notealways is false (no forced inclusion). The skill will edit AGENTS.md and MEMORY.md in the workspace, which changes agent behavior for that workspace. This is expected for a configuration skill but is a persistent change the user should review. Autonomous invocation is allowed (default) — combine this with file-editing capability means the agent could make changes without repeated explicit consent if tool permissions are granted.