v1.0.0

Prepublish Privacy Scrub

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 6:14 AM.

Analysis

The skill is meant to remove secrets before publishing, but its scrub instructions can overwrite many local files and its backup/safety claims are not supported by the provided code.

Guidance: Review before installing or using. This skill is aligned with pre-publication privacy checks, but run it only on a backup copy or a narrowly scoped skill folder. Do not rely on the stated backup protection unless you add it yourself, and manually verify scan results before publishing.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
$files = Get-ChildItem $path -Recurse -File ... $content | Out-File $file.FullName -Encoding UTF8

The scrub function recursively enumerates all files under a user-provided path and overwrites modified files in place, without a shown confirmation, dry-run, file-type limit, or safety boundary.

User impact: If the wrong path is used, the agent could alter many local files and make changes that are hard to reverse.

Recommendation: Only run the scrubber on a copied skill folder, require a dry-run/diff first, limit the file extensions to intended skill artifacts, and ask for explicit confirmation before writing changes.

Human-Agent Trust Exploitation
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
- Original files backed up before scrub

The artifact claims files are backed up before scrubbing, but the included scrub workflow overwrites files in place and does not include a backup step.

User impact: A user may believe the scrub is reversible when the provided instructions do not actually preserve originals.

Recommendation: Add an implemented backup step, document where backups are stored, and avoid claiming backup protection unless it is part of the actual workflow.

Human-Agent Trust Exploitation
Severity: Low. Confidence: High. Status: Note.
SKILL.md
description: Scan and remove sensitive data before publishing skills. Detect API keys, tokens, secrets, and personal info.

The stated goal includes removing personal information, but the replacement rules shown only redact apiKey, token, and secret patterns; other detected items such as emails, passwords, paths, and URLs are not shown as automatically scrubbed.

User impact: The scan may help find sensitive content, but users should not assume all personal information or secrets are automatically removed.

Recommendation: Treat results as a checklist requiring human review, and expand or clearly document which sensitive data types are only detected versus actually scrubbed.