Skill v2.0.0

ClawScan security

Official Doc · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 17, 2026, 6:56 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and runtime instructions match its stated purpose (official document templates, format/tone checks); included scripts are local, require only Python, and do not request secrets or network access.
Guidance
This skill appears to do exactly what it says: generate official-document templates and run local format/tone checks with Python. Before installing/using:
1) Review or run the scripts in a safe environment (the code is small and readable).
2) Be aware scripts/script.sh will create a data directory (defaults to ~/.local/share/official-doc) and append logs if you run it; if you don't want persistence, avoid running that script.
3) No credentials or network calls are required by the visible code, but if you modify or extend the skill, re-check for any added network or secret-access behavior.
If you want extra caution, run the scripts inside a sandbox or ephemeral container.

Review Dimensions

Purpose & Capability
ok
Name/description (公文写作助手) align with the provided scripts: scripts/official.sh (embedded Python) implements notice/request/report/reply/format-check/tone/template features described in SKILL.md. The presence of an extra helper (scripts/script.sh) that looks like a generic developer-tool wrapper is slightly out of place but not incompatible with the stated purpose.
Instruction Scope
ok
SKILL.md instructs running scripts/official.sh, which prints templates and performs local format/tone analysis on user-supplied text. The instructions do not ask the agent to read unrelated system files, environment secrets, or transmit data off-host. Minor inconsistency: tips.md sometimes references 'official.sh' (no 'scripts/' prefix), but this is a usability issue, not a security concern.
Install Mechanism
ok
No install spec; this is an instruction-only skill with included scripts. No remote downloads, package installs, or archive extraction are present.
Credentials
ok
The skill declares no required environment variables or credentials. The only environment usage is in scripts/script.sh, which respects OFFICIAL_DOC_DIR/XDG_DATA_HOME/HOME for a local data directory. This is reasonable for a local tool and proportionate to its logging/persistent-data behavior.
Persistence & Privilege
note
The skill is not forced-always nor privileged. One included file (scripts/script.sh) writes logs and a data.log under a per-user data directory (~/.local/share/official-doc by default) if run; the main publicized entrypoint (scripts/official.sh) does not write files. This persistence is limited to the user's home directory and is not excessive but worth noting.