Skillv1.0.1

ClawScan security

APEX STACK for Claude Code: Complete Autonomous Developer Agent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 6, 2026, 8:03 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's files and runtime instructions are internally consistent with a Claude Code developer-agent that maintains non-sensitive project memory and guides response style; no unexpected credentials, installs, or external endpoints are requested — but review the ARCHITECT (execution) section before enabling globally because it may instruct autonomous file edits or execution flows.
Guidance: This skill is an instruction-only developer-agent framework and appears coherent with its stated purpose, but review these before installing: - Inspect the full ARCHITECT (execution) section (the provided SKILL.md was truncated). Confirm whether it instructs the agent to run shell commands, modify files, commit, or call external endpoints — those are actions you should explicitly accept or deny. - Prefer project-level installation (append to your project's CLAUDE.md) rather than global, unless you want the behavior applied to every Claude Code session. - MEMORIA writes project memory to .claude/memoria.md (and suggests .claude/memoria.md be git-tracked). Do NOT put API keys, passwords, or other secrets into memoria.md. If you must store sensitive data for the agent, control access carefully and consider not tracking that file in git. - Back up your repo or work on a branch before letting an agent with autonomous execution privileges apply changes. Review any edits or proposed commands before applying them. - If you want a deeper security review, provide the complete (untruncated) SKILL.md so the ARCHITECT instructions can be fully audited — that section determines whether the agent will merely propose changes or also execute them automatically.

Review Dimensions

Purpose & Capability: okName/description (APEX cognitive + MEMORIA memory + ARCHITECT execution) match the SKILL.md and README: the skill is an instruction-only policy/behavior bundle for Claude Code. It requires no binaries, env vars, or install artifacts, which is proportionate for a purely instructional skill.
Instruction Scope: noteSKILL.md explicitly tells the agent to read project context files (.claude/memoria.md and CLAUDE.md), build a mental model, and create a memoria.md if absent. That is coherent for a persistent-memory feature, but it does mean the agent will read and write project files and persist non-secret project context. The SKILL.md also emphasizes not storing secrets in memoria.md and suggests keeping secrets in .env, which is guidance but not an enforcement mechanism. The ARCHITECT (execution) portion is truncated in the provided copy; the README and visible text describe autonomous goal execution (READ → PLAN → IMPLEMENT → TEST → VERIFY), which could lead to file edits or commands if the agent is allowed to act — users should inspect the full ARCHITECT instructions to confirm the exact scope of actions (e.g., whether it instructs running shell commands, invoking external services, or committing changes).
Install Mechanism: okNo install spec or code files — instruction-only skill. The README/INSTALL guidance is just 'clawhub install' and appending the SKILL.md into CLAUDE.md. No downloads, packages, or extracts are performed by the skill itself, so install risk is low.
Credentials: okThe skill requests no environment variables, no credentials, and no config paths. That aligns with its stated purpose. The guidance to store secrets in .env is a user recommendation, not a requested credential, but it does create a potential user-operation risk if .env contents are mishandled — the skill itself does not request or access secrets.
Persistence & Privilege: notealways:false and no special privileges are requested, and the skill is active only when its content is present in CLAUDE.md (per SKILL.md). This is proportionate. However, because ARCHITECT is described as an 'execution' layer that automates tasks, combine that with the platform's ability to let Claude Code edit files or run tools: enabling the skill (especially globally) grants the agent behavioral instructions that may cause it to propose or apply code changes. This is expected for a developer agent but worth acknowledging as a persistence/privilege consideration.