Skillv0.1.0

ClawScan security

Compliance Posture Intake · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 5, 2026, 1:29 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: An instruction-only HIPAA compliance intake skill whose requested capabilities and instructions align with its stated purpose and which does not request extra credentials, installs, or persistent privileges.
Guidance: This skill appears coherent and low-risk as an instruction-only intake workflow, but exercise caution before supplying real PHI or organization secrets. Verify the agent context's tool permissions: if Read/Glob/Grep are enabled the agent may access files present in its workspace; if WebFetch/WebSearch are enabled it may send data to external endpoints. Only provide documents you intend to be analyzed, prefer de-identified data where possible, and confirm whether your agent environment will chain to external services (Claude Code, Rote MCP, or any third-party API) before sharing sensitive material. Because the skill's source/homepage is unknown, consider running it in an isolated or non-production environment first and review the full SKILL.md to ensure no steps require access to unrelated system data.

Review Dimensions

Purpose & Capability: okThe skill name and description match the SKILL.md: it guides a conversational intake, analyzes user-provided compliance documents, and produces a report. Optional chaining to a 'rote-compliance-toolkit' is declared as optional and consistent with the claimed functionality. No unrelated credentials or binaries are requested.
Instruction Scope: noteThe instructions direct the agent to run a structured interview and analyze documents the user supplies. Allowed tools include Read, Glob, Grep, WebFetch, WebSearch, and Write — which is coherent for document analysis but means the agent could read files available in its context or perform web/network operations if those tools are enabled. The SKILL.md itself does not instruct the agent to read unrelated system secrets or to exfiltrate data, but users should confirm which tools/endpoints the agent environment exposes before supplying PHI.
Install Mechanism: okThere is no install spec and no code files; this is instruction-only, which minimizes on-disk risk. Nothing is downloaded or installed by the skill itself.
Credentials: okThe skill requests no environment variables, credentials, or config paths. That is proportionate to an intake and document-analysis workflow.
Persistence & Privilege: okThe skill is not always-enabled and does not request persistent agent-level privileges or to modify other skills. Autonomous invocation is allowed by platform default; nothing in SKILL.md requests elevated persistence.