Skill v1.0.6

ClawScan security

LighterLoad · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 18, 2026, 5:10 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requested accesses and runtime instructions are coherent with its stated purpose (a periodic, privacy-conscious personal care assistant); nothing in the package indicates it is trying to do unrelated or hidden activities.
Guidance
This skill is internally consistent with its goal of proactively helping with relationships and household planning. Before installing: verify the platform permissions it will get (file memory access, calendar read, ability to send messages, and permission to schedule recurring tasks), confirm you want a weekly automated cron job, and ensure you understand how to delete the memory/people/ files if you stop the skill. Note the README references cloning an external GitHub repo and a commercial site (lighterload.chat) — those are informational and not included in this package; if you plan to follow those links, review the external content separately. If you have strict privacy requirements, test onboarding with minimal data and confirm deletion works as described.

Review Dimensions

Purpose & Capability
ok: Name/description match the runtime instructions: building and maintaining a people directory, checking calendars/holidays, producing weekly care nudges, and storing/updating person files. The platform capabilities it asks for (file memory, calendar read, messaging, web search, cron) are reasonable and proportional to its stated goals.
Instruction Scope
note: SKILL.md explicitly instructs the agent to read/write files under memory/people/, check calendars, run weekly sweeps, and send brief messages. Those actions are within scope for a proactive assistant. The instructions require creation of cron jobs and persistent memory; they also instruct storing personal data and deleting it on request (which is appropriate). Minor inconsistencies: occasional path variations (e.g. memory/people/ vs memory/[user]/holidays-[year].md) and the README suggests a git-clone install from a GitHub repo even though this published package is instruction-only.
Install Mechanism
ok: There is no install spec and no code files in the bundle — lowest-risk delivery model. The README's manual git clone line points to an external repo, which is an informational inconsistency but not an active install step in this package.
Credentials
ok: The skill declares no required environment variables or credentials. It requests host-provided capabilities (file memory, calendar, messaging, web search, cron) that are directly relevant to its function. It explicitly avoids collecting sensitive financial/account identifiers and asks for opt-in consent before populating holiday/school data or creating the cron job.
Persistence & Privilege
note: The skill is designed to be persistent (periodic cron sweeps and an evolving memory store), which matches its purpose. It is not marked always:true. Because it performs recurring actions and can send messages, the platform should require explicit user approval before enabling the cron job and message-sending permissions; SKILL.md states onboarding and cron creation are opt-in, which mitigates risk.