Back to skill
Skillv1.0.0
ClawScan security
Ministry Weekly · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 11, 2026, 6:39 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and instructions are consistent with its stated purpose of generating weekly church communications and it does not request credentials, installs, or other privileged access.
- Guidance
- This skill appears coherent and low-risk: it only generates content and asks for minimal input. Before installing, consider (1) whether you want the broad auto-trigger behavior—if not, restrict triggers or adjust the SKILL.md wording; (2) avoid pasting private or sensitive personal data into prompts (the skill will include whatever you provide in outputs); and (3) review outputs for theological/denominational appropriateness before distributing to your congregation.
Review Dimensions
- Purpose & Capability
- okName/description (weekly church content) match the SKILL.md and README; no unrelated env vars, binaries, or config paths are requested.
- Instruction Scope
- noteSKILL.md is focused on generating bulletin, social posts, and an email and does not request external data or credentials. It does instruct the agent to auto-trigger on casual church-context phrasing, which could lead to unintended activations (functional risk, not a credential/exfiltration issue).
- Install Mechanism
- okInstruction-only skill with no install spec and no code files. Lowest-risk install footprint; nothing is written to disk by the skill itself.
- Credentials
- okNo environment variables, credentials, or config paths are required. The skill does not ask for unrelated secrets or system access.
- Persistence & Privilege
- okalways is false and the skill does not request permanent presence or system-wide configuration changes. Autonomous invocation is allowed by platform default but not escalated by this skill.