Skill v1.0.0

ClawScan security

Cxz9909 Adaptive Reasoning · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 26, 2026, 12:59 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent with its stated purpose: it's an instruction-only preprocessor that decides when to enable extended reasoning, and it requests no credentials or installs.
Guidance
This skill is coherent and doesn't ask for secrets or install anything. Before enabling it, decide whether you want the agent to silently toggle extended reasoning (it may increase token usage and change answer style) and confirm your platform supports the referenced commands (/reasoning or session_status). If you prefer explicit control or want to avoid extra token costs, either don't enable silent activation or disable the skill. If the platform lacks the session_status tool, the activation steps may be nonfunctional; test behavior in a safe session first.

Review Dimensions

Purpose & Capability
ok: Name and description match the actual instructions: the SKILL.md only describes heuristics for assessing complexity and when to enable reasoning. It does not request unrelated resources, credentials, or system access.
Instruction Scope
note: Instructions direct the agent to evaluate every user message, toggle reasoning mode, and append icons to responses. This is within the skill's stated purpose, but the SKILL.md references internal controls (session_status tool and /reasoning commands) that are not declared in the skill metadata; if those platform controls don't exist, the activation steps may silently fail or be undefined. The skill also instructs silent activation ('Do not ask. Just activate.'), which changes agent behavior without user prompts (expected for this skill, but worth being aware of).
Install Mechanism
ok: No install spec and no code files are provided; instruction-only skills carry minimal install risk because nothing is written to disk or downloaded.
Credentials
ok: The skill requires no environment variables, credentials, or config paths. There are no disproportionate or unexplained secret requests.
Persistence & Privilege
note: 'always' is false and the skill does not request persistent system presence or modify other skills. It does, however, instruct the agent to autonomously enable reasoning mode without asking users; autonomous invocation is normal for skills but this silent activation can increase token usage and change response behavior without explicit user consent.