Skill v1.0.1
ClawScan security
Multi-Agent Filesystem Governance · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 14, 2026, 8:31 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and scope align with its stated purpose of making multi-agent filesystem placement and lifecycle decisions; it does not request credentials, install software, or reference unexpected endpoints.
- Guidance: This skill is a guidance/ruleset for where agents should place, edit, and archive files and is internally consistent. Before installing or enabling it for autonomous use, confirm: (1) which agent(s) will be allowed to act on its decisions and what filesystem permissions they have; (2) whether you want the agent to be able to perform file operations automatically or only produce recommendations (prefer recommendation/dry-run mode initially); (3) that backups exist for any high-value directories the agent might touch; and (4) that you test the rules in a non-production sandbox to ensure they behave as you expect. If you need stricter control, restrict the agent's write access to only the intended private/shared areas.
Review Dimensions
- Purpose & Capability (ok): Name, description, and included reference documents consistently describe filesystem governance and placement rules. There are no unrelated environment variables, binaries, or config paths requested that would be inconsistent with this purpose.
- Instruction Scope (note): SKILL.md provides policy-style rules and examples for where to create, edit, move, and archive files. It does not itself contain commands, external endpoints, or credential access, but it grants an agent broad discretion to decide and perform file operations — so runtime behavior depends on the agent's execution privileges (filesystem access) rather than the skill asking for secrets.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files; nothing is downloaded or written to disk by the skill package itself.
- Credentials (ok): The skill requests no environment variables, credentials, or config paths. Its guidance pertains to filesystem decision-making only, so there is no disproportionate secret or credential request.
- Persistence & Privilege (note): always:false (normal). The skill is invocable and the agent may call it autonomously (platform default). Because the skill governs file operations, allow autonomous use only when you trust the agent's filesystem permissions and execution controls.
