Skill v0.1.0

ClawScan security

Syléa · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 19, 2026, 11:10 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
Syléa is internally consistent: an instruction-only, local-first life‑coach that only asks the agent to create and write files under ~/.sylea/ and does not request external credentials or installs.
Guidance
Syléa appears coherent and local-only, but before installing:
1) be aware it will store sensitive personal info (identity, goals, well‑being scores) in ~/.sylea/ — inspect or remove those files if you stop using the skill;
2) confirm your system/backup settings (e.g., cloud backups) so those local files are not inadvertently synced off-device;
3) verify the skill source/homepage (source listed as unknown here) if you care about provenance;
4) the README advertises a paid 'Pro' cloud/automation offering — do not supply any cloud credentials or enable remote sync unless you trust that external service; and
5) because this is instruction-only, there is no remote code being downloaded by the skill itself, but platform-level capabilities (agent autonomy, other skills, system backups) can still expose the stored data — consider the sensitivity of what you store.

Review Dimensions

Purpose & Capability
ok
The skill name/description (personal life coach, dilemma analysis, goal tracking) aligns with the actual requirements and behavior: it only needs local persistent storage (~/.sylea/) and conversational scoring protocols. There are no unrelated environment variables, binaries, or install steps requested.
Instruction Scope
note
SKILL.md directs the agent to create ~/.sylea/ subfolders and save profile, dilemma, goal, and checkin markdown files there. That is within scope for a persistent coaching skill, but it does mean the skill will store potentially sensitive personal data (name, age, city, life goals) on disk. The instructions explicitly state 'No network calls, no telemetry.'
Install Mechanism
ok
No install spec and no code files are included (instruction-only). This minimizes risk because nothing is downloaded or written beyond the files the skill itself asks the agent to create.
Credentials
ok
The skill requests no environment variables, no credentials, and no config paths other than creating and using ~/.sylea/. There are no disproportionate credential requests.
Persistence & Privilege
note
The skill persists user data locally under ~/.sylea/ (expected for a coach). The skill is set to always:false, and model invocation is allowed (platform default). Autonomous invocation combined with persisted personal data increases exposure if other platform components or backup/sync mechanisms access that path, but the skill itself does not request elevated privileges or system-wide changes.