ClawHub
Back to skill
v1.0.0

Auto README Generator (ChloePark85)

BenignClawScan verdict for this skill. Analyzed May 3, 2026, 12:03 AM.

Analysis

This skill is a simple README writer with no credential, network, or hidden behavior, but it can overwrite an existing README and its generated content should be reviewed.

GuidanceThis looks safe to use for a local README draft. Before installing or running it, make sure you are in the correct project folder, back up any existing README.md, and review the generated content—especially the license—before committing or publishing it.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
readme-generator.sh
PROJECT_PATH=${1:-.}
...
echo -e "$README_CONTENT" > "$PROJECT_PATH/README.md"

The script defaults to the current directory and uses shell redirection to create or overwrite README.md without checking whether one already exists. This is purpose-aligned, but users should run it only where overwriting is acceptable.

User impactAn existing README.md in the chosen project directory could be replaced.
RecommendationBack up or review any existing README before running the skill, and specify the intended project path explicitly.
Human-Agent Trust Exploitation
SeverityInfoConfidenceHighStatusNote
readme-generator.sh
This project is licensed under the MIT License.

The generated README content is hardcoded, including the license statement, while the skill description says it generates a README based on project contents. This is not malicious, but it could produce inaccurate project documentation.

User impactThe README may include generic or incorrect information, especially the license section.
RecommendationReview and edit the generated README before relying on it or publishing it.