Skill v2.0.2
ClawScan security
Story Writer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 27, 2026, 2:09 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is mostly coherent for a story-writing toolkit, but there are a few mismatches and local file-write behaviors not declared in the metadata that you should know about before installing.
- Guidance: This skill appears to be a local story-writing toolkit implemented as bash scripts. It does not contact the network or request credentials, which is good. Before installing or running it:
  1. Note that it will create and write files under ~/.local/share/story-writer (or $XDG_DATA_HOME or $STORY_DIR if set); if you want to avoid that, set STORY_DIR to a safe folder.
  2. The SKILL.md incorrectly lists python3 as a requirement; the scripts are bash-based, so python isn't needed.
  3. The scripts write files using user-supplied names (e.g., save <name>), which could allow path traversal if names are not sanitized. Avoid passing untrusted or specially crafted names and review the cmd_save implementation.
  4. Review the provided scripts yourself (or run them in a sandbox/container) before giving the agent permission to execute them. If you plan to let the agent run the skill autonomously, remember it will be able to write files to your user data directory, so limit privileges accordingly.
Review Dimensions
- Purpose & Capability (note): Name/description match the included scripts: both scripts generate outlines, characters, plots, worldbuilding, etc. The included bash tools are appropriate for the stated purpose. Minor mismatch: SKILL.md lists python3 as a requirement but none of the shipped scripts use Python.
- Instruction Scope (concern): SKILL.md is user-facing guidance and does not mention the scripts' side effects: the shell scripts create a data directory (default $XDG_DATA_HOME or $HOME/.local/share/story-writer), write story drafts, character lists, and an activity history.log. The metadata declared no config paths or env vars, yet the code reads STORY_DIR/XDG_DATA_HOME and writes files; this persistence behavior is not documented in SKILL.md.
- Install Mechanism (ok): No install spec is present (instruction-only), and the included files are local bash scripts. No network downloads or external installers are called in the scripts.
- Credentials (ok): The skill declares no required credentials or sensitive env vars. It optionally respects STORY_DIR and XDG_DATA_HOME for storage location, which is proportional. No external endpoints or credentials are requested.
- Persistence & Privilege (note): The scripts persist data under a per-user data directory (stories/, characters/, history.log). always:false and no elevated privileges are requested. However, the tool will write files into the user's home directory by default.
