Skill v0.1.0
ClawScan security
Risk Assessment · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 2:30 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests, files, and runtime instructions are consistent with a risk-assessment assistant and do not ask for unrelated credentials or unusual installs.
- Guidance: This skill appears coherent and appropriate for producing formal risk assessments. Before installing or invoking it: only provide the context and documents you intend the agent to inspect (avoid uploading credentials, private keys, or unrelated system files); if the agent runtime exposes filesystem or network access, restrict those capabilities to a safe workspace; the examples reference using an API client (Anthropic), so do not hardcode API keys into skill files. Finally, review the generated findings before acting on them (the assistant's recommendations should be validated by a human assessor).
Review Dimensions
- Purpose & Capability: ok. The name/description match the included SKILL.md and example. No binaries, env vars, or install steps are declared that would be unrelated to performing a written risk assessment.
- Instruction Scope: note. The SKILL.md instructs the agent to review provided context, uploaded documents, and optional framework appendices, which is expected. However the allowed-tools list (Read, Glob, Grep, WebFetch) would permit the agent to read files or fetch URLs; ensure the agent runtime is only given access to documents you intend it to read (do not expose unrelated system files or secrets).
- Install Mechanism: ok. No install spec is present (instruction-only skill). Nothing is downloaded or written to disk by the skill itself.
- Credentials: ok. The skill declares no required environment variables, credentials, or config paths. Example code references an Anthropic client but that is an example only and not a declared runtime requirement of the skill.
- Persistence & Privilege: ok. always is false and disable-model-invocation is default (agent may invoke autonomously). This is normal; the skill does not request elevated or persistent system presence.
