Skill v1.0.0

ClawScan security

HabitChat · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 18, 2026, 11:03 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This skill appears consistent with its description: local habit tracking, streaks, coaching, and reminder helpers that store data under ~/.habitchat and require only python3; there are no requests for credentials or network endpoints and no install downloads.
Guidance
This skill appears to be what it claims: a local habit coach that only needs python3. Before installing or running: (1) review the included scripts (they are in plain Python) and confirm you’re comfortable with files being created under ~/.habitchat, (2) be aware habit logs and reminders are stored as plain JSON and shell scripts (not encrypted), (3) the reminder setup writes .sh files and suggests cron entries but does not auto-edit crontab — only add cron lines if you trust the script paths, (4) if you want stronger privacy, consider moving ~/.habitchat to an encrypted location or review/delete it when you stop using the skill, and (5) run the code in an isolated environment if you need extra assurance. Overall, nothing in the bundle requests secrets or network access and behavior is coherent with the stated purpose.

Review Dimensions

Purpose & Capability
ok
Name/description match the actual code and runtime instructions. The scripts implement habit creation, logging, stats, coaching insights, and reminder script creation; requiring only python3 is appropriate.
Instruction Scope
ok
SKILL.md instructs the agent to run the included Python scripts and to store data under ~/.habitchat. The instructions stay within the stated domain (habit management, coaching, reminders) and do not ask the agent to read unrelated system files or external credentials.
Install Mechanism
ok
There is no install spec that downloads or executes code from an external URL. The skill ships Python scripts in the bundle and expects python3 to be present; this is low-risk and proportional to the functionality.
Credentials
note
The skill requests no environment variables or external credentials, which is proportional. Note that it stores user habit data, logs, and reminder scripts under ~/.habitchat (plain JSON and .sh files) — this is expected but means personal data is stored unencrypted on disk.
Persistence & Privilege
note
always:false (normal). The skill writes files to the user's home (~/.habitchat), creates executable reminder scripts, and provides cron lines for scheduling; it does not automatically modify system cron or other system-wide settings. These behaviors are within the scope of a reminder/tracker but are persistent on disk and worth user awareness.