Back to skill
Skillv2.0.1
ClawScan security
Prospect · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 10, 2026, 4:51 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This instruction-only skill's requirements, instructions, and files are coherent with its stated purpose of ranking and routing prospect lists — it asks for no credentials, installs nothing, and its runtime guidance stays within scope.
- Guidance
- This skill is instruction-only and internally consistent for scoring prospects. Before using it, avoid pasting sensitive personal data or regulated information about targets (e.g., health, financials, or protected-class data) — follow your organization's privacy and compliance rules. If you later chain this skill with web-research or outreach skills, review those other skills' env and install requirements (they may request API keys or have installation steps). Finally, treat outputs as decision-support: validate high-value decisions with additional human review, especially for legal or compliance questions.
Review Dimensions
- Purpose & Capability
- okThe name/description (prioritize prospects by fit/timing/value/access) matches the SKILL.md, README, and examples. There are no unexpected required binaries, env vars, or config paths that would be unrelated to prospect scoring.
- Instruction Scope
- okThe SKILL.md describes how to score and route targets and what inputs to provide. It does not instruct the agent to read system files, access unrelated environment variables, call hidden endpoints, or exfiltrate data. It explicitly defers target discovery and active conversation handling to other skills.
- Install Mechanism
- okNo install spec or code files that would be written to disk; this is an instruction-only skill, minimizing installation risk.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. Nothing in the documentation asks for secrets or unrelated credentials.
- Persistence & Privilege
- okFlags show always:false and normal model invocation. The skill does not request permanent presence or modify other skills' configuration; autonomous invocation is permitted by default and is not a concern here.