Skill v1.0.0
ClawScan security
harness-engineering · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 8:22 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, required resources, and metadata are coherent with its stated purpose of auditing and incrementally improving a repository for agent legibility and governance.
- Guidance: This skill is internally consistent and does what it says: audit a repo and add docs and checks. Before using it, make sure your agent runtime has the local tools the instructions assume (bun, for example), or edit the instructions to use your project's tooling. Review every proposed repository edit, CI change, and governance script before merging, and if you want to rule out autonomous edits, disable implicit invocation or require manual approval so the agent cannot modify repos or CI without a human in the loop. Note: the README contains an example local path (C:\Users\kisde...). It is harmless example text, but verify that no personal details or secrets are accidentally included before publishing.
Review Dimensions
- Purpose & Capability (ok): The name and description match the actual instructions: audit a repo, add repo-local docs, create executable checks, and wire CI. The skill requests no credentials, binaries, or config paths unrelated to that task.
- Instruction Scope (note): SKILL.md stays within scope: it instructs the agent to read repo docs, add artifacts, create checks, and run a local validation command. Two points to note: (1) it recommends bun for lightweight governance scripts and suggests running `bun run template:check`, but the skill does not declare bun as required, so the run may fail on a runtime where bun is not installed; (2) the instructions expect the agent to modify the repository and wire CI pipelines, which fits the purpose but is an action a human should review before merging or pushing.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files, the lowest-risk installation footprint. Nothing is downloaded or executed by the platform as part of an install.
- Credentials (ok): The skill requests no environment variables, credentials, or config paths. Its guidance to use local tooling and CI is proportional to its goal and does not ask for unrelated secrets.
- Persistence & Privilege (note): The skill is not always-on and declares default model invocation behavior. agents/openai.yaml sets policy.allow_implicit_invocation: true, which permits implicit, autonomous invocation. That is coherent with an agent-facing skill, but it means the model can invoke the skill without an explicit user action; since the skill also edits repos and wires CI, you may want to restrict invocation or require human review of its changes.
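The three things this verdict asks the user to confirm by hand (a runner such as bun invoked by SKILL.md but not declared as required, policy.allow_implicit_invocation left at true in agents/openai.yaml, and stray local paths or secret-looking strings in the README) can be scripted as a pre-publish lint. The Python below is an added example written for this page; it is neither ClawScan's scanner code nor the skill's own tooling. The sample SKILL.md, README and agents/openai.yaml contents are constructed, the way a skill declares its required tools is not known from the verdict and is modelled as a plain set passed in by the caller, and only the key name policy.allow_implicit_invocation comes from the page. It generalises slightly beyond the verdict: it flags other package runners (npm, pnpm, yarn, npx, deno) and AWS access key IDs, not just bun and user paths.

```python
"""Pre-publish lint for an instruction-only skill.

Added example for this review page: not ClawScan's code and not the skill's
tooling. Sample files below are constructed; the declared-tools set is an
assumed input; only policy.allow_implicit_invocation comes from the verdict.
"""
import re
from typing import List, Set, Tuple

# Package runners whose appearance in SKILL.md implies a runtime dependency.
RUNNERS = {"bun", "npm", "npx", "pnpm", "yarn", "deno"}

# Inline spans such as `bun run template:check`; group 1 is the command word.
_INLINE_CMD = re.compile(r"`([a-zA-Z][\w.-]*)(?:\s[^`]*)?`")
# Fenced code blocks; the first token of each line is also a command word.
_FENCE = re.compile(r"`{3}[^\n]*\n(.*?)`{3}", re.S)

# The indented lines under a top-level `policy:` key, then the flag inside them.
_POLICY_BLOCK = re.compile(r"^policy:[ \t]*\n((?:[ \t]+\S.*\n?)*)", re.M)
_IMPLICIT = re.compile(r"^[ \t]+allow_implicit_invocation:[ \t]*(true|false)\b", re.M)

# Things that should not ship in a published README.
_LEAK_PATTERNS = [
    ("windows-user-path", re.compile(r"[A-Za-z]:\\Users\\[^\\\s]+")),
    ("unix-home-path", re.compile(r"/(?:home|Users)/[^/\s]+")),
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("assigned-secret", re.compile(
        r"(?i)\b(?:api[_-]?key|secret|token|password)\s*[:=]\s*['\"]?[A-Za-z0-9_\-]{16,}")),
]


def _command_words(skill_md: str):
    """Yield the first word of every inline command span and fenced-block line."""
    for m in _INLINE_CMD.finditer(skill_md):
        yield m.group(1)
    for block in _FENCE.findall(skill_md):
        for line in block.splitlines():
            tokens = line.strip().lstrip("$").split()  # drop a leading "$ " prompt
            if tokens:
                yield tokens[0]


def find_undeclared_tools(skill_md: str, declared: Set[str]) -> List[str]:
    """Runners SKILL.md invokes that the skill does not declare, in first-seen order."""
    found: List[str] = []
    for word in _command_words(skill_md):
        if word in RUNNERS and word not in declared and word not in found:
            found.append(word)
    return found


def implicit_invocation_enabled(openai_yaml: str) -> bool:
    """True when agents/openai.yaml sets policy.allow_implicit_invocation: true.

    A missing key is reported as not enabled; the runtime's real default is not
    stated in the verdict, so confirm that case by hand.
    """
    block = _POLICY_BLOCK.search(openai_yaml)
    if not block:
        return False
    flag = _IMPLICIT.search(block.group(1))
    return flag is not None and flag.group(1) == "true"


def find_leaks(text: str) -> List[Tuple[str, str]]:
    """(kind, matched text) for local user paths and secret-looking assignments."""
    return [(kind, m.group(0)) for kind, pat in _LEAK_PATTERNS for m in pat.finditer(text)]


def review(skill_md: str, readme: str, openai_yaml: str, declared: Set[str]) -> List[str]:
    """Human-readable findings; an empty list means all three checks passed."""
    findings = [f"SKILL.md invokes `{tool}` but the skill does not declare it as required"
                for tool in find_undeclared_tools(skill_md, declared)]
    if implicit_invocation_enabled(openai_yaml):
        findings.append("agents/openai.yaml sets policy.allow_implicit_invocation: true; "
                        "the model can invoke this repo-editing skill without a user action")
    findings += [f"README contains {kind}: {text!r}" for kind, text in find_leaks(readme)]
    return findings


# Constructed samples, not the real skill's files. The fence string is built
# from pieces so this example can itself live inside a fenced code block.
FENCE = "`" * 3
SAMPLE_SKILL_MD = (
    "# harness-engineering\n"
    "Read AGENTS.md and the CI config, add repo-local docs and checks, then\n"
    "validate with `bun run template:check` before opening a pull request.\n\n"
    f"{FENCE}bash\nbun run template:check\n{FENCE}\n"
)
SAMPLE_README = (
    "# harness-engineering\n"
    "Run the audit from your checkout, e.g. C:\\Users\\example\\repos\\svc\n"
    "or /home/example/repos/svc, then open the generated report.\n"
    'Scratch note left in by mistake: api_key = "EXAMPLE0000000000000000"\n'
)
CLEAN_README = "# harness-engineering\nRun the audit from the repository root.\n"
SAMPLE_OPENAI_YAML = "interface:\n  display_name: harness-engineering\npolicy:\n  allow_implicit_invocation: true\n"
HARDENED_OPENAI_YAML = SAMPLE_OPENAI_YAML.replace("true", "false")

if __name__ == "__main__":
    for line in review(SAMPLE_SKILL_MD, SAMPLE_README, SAMPLE_OPENAI_YAML, set()):
        print("-", line)
    print("hardened:", review(SAMPLE_SKILL_MD, CLEAN_README, HARDENED_OPENAI_YAML, {"bun"}))
```

Run against the constructed samples it reports five findings (bun undeclared, implicit invocation on, a Windows user path, a Unix home path, and an assigned secret); with bun declared, the README cleaned and the flag set to false it reports none. The YAML handling is deliberately minimal (a top-level `policy:` block with an indented flag) so the script has no dependencies; a real pipeline should use a YAML parser and look up the runtime's default for the flag rather than assuming "absent means off".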
