Back to skill
Skillv1.0.0
ClawScan security
Hello Agent World · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 19, 2026, 7:54 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with its stated purpose (a simple greeting helper); it requests no secrets, installs nothing, and its instructions are narrow aside from a minor open-ended prompt about describing agent capabilities.
- Guidance
- This skill appears safe and straightforward: it only outputs a greeting, includes the current date/time, and personalizes by name. It does not request secrets or install software. The only minor concern is the instruction to "present your agentic capabilities" — that could cause the agent to reveal details about its tools or abilities beyond a simple greeting. If you prefer a minimal greeting, remove or revise that line in SKILL.md before installing. Otherwise it's fine to install.
Review Dimensions
- Purpose & Capability
- okName and description match the declared requirements and behavior: a greeting skill. It declares no binaries, env vars, or installs — which is proportional for a simple text-based greeting helper.
- Instruction Scope
- noteInstructions are limited to greeting in the user's language, including current date/time, emoji, and personalization. One instruction — "Explain them that you are an agent and present your agentic capabilities" — is somewhat open-ended and could cause the agent to disclose more about its tools/capabilities than a simple greeting needs. The SKILL.md does not instruct reading files, env vars, or contacting external endpoints.
- Install Mechanism
- okNo install spec and no code files (instruction-only). This is low risk: nothing will be written to disk or fetched during install.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths. There is no disproportionate access requested for the described functionality.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. disable-model-invocation is default (agent can call it autonomously), which is normal for skills and acceptable here given the narrow scope.