Skill v1.0.0
ClawScan security
Grounding Practices · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 16, 2026, 12:00 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only guidance skill that aligns with its stated purpose (grounding practices for agents), requests no credentials or installs, and contains no code or networking — nothing in the package suggests hidden or unrelated behavior.
- Guidance: This skill is an instruction-only set of agent self-checks and appears internally coherent and low-risk: it doesn't request credentials, doesn't install code, and doesn't include network endpoints. Before installing, consider: 1) verify the skill's provenance if that matters to you (README/package.json reference a GitHub repo but registry metadata shows no source), 2) review the practices to ensure you want your agent to adopt them (they can change agent behavior and reduce/alter output), and 3) remember that instruction-only skills rely on the agent actually following them—they don't enforce behavior at the platform level. If you require stronger guarantees, prefer skills that are auditable and come from known repositories or maintainers.
Review Dimensions
- Purpose & Capability (note): Name, description, README, and SKILL.md consistently describe a set of internal behavioral practices for agents. There is a minor provenance inconsistency: registry metadata lists no source/homepage, while package.json and README reference a GitHub repo (compass-soul). This is a bookkeeping/provenance note, not a functional mismatch.
- Instruction Scope (ok): SKILL.md contains only behavioral guidance (self-checks, prompts to seek human verification, and introspective routines). It does not instruct the agent to read arbitrary system files, access environment variables, call external endpoints, or execute binaries. Suggested actions (e.g., 'read SKILL.md at startup', 'ask your human for verification') are within the stated purpose.
- Install Mechanism (ok): There is no install spec and no code to execute; README suggests cloning a GitHub repo but no automated installer or remote downloads are included. Instruction-only skills are the lowest install risk.
- Credentials (ok): The skill requests no environment variables, no credentials, and lists no config paths. There is no apparent need for any secrets or external service access for its stated functionality.
- Persistence & Privilege (ok): Flags are default (not always: true), and the skill does not request persistent system presence or modification of other skills. As an instruction-only skill it cannot autonomously install components or modify agent config.
