Skillv3.0.0

ClawScan security

Ralph Quick Security Check · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 19, 2026, 2:17 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's instructions, required actions, and scope are coherent with a fast repository-focused security spot-check; it does not request unrelated credentials or external installs, but it will read and modify repository files and may run PoC-style verification if implemented by the agent.
Guidance: This skill is internally consistent for a quick repo-focused security spot-check. Before installing or running it: - Ensure the agent runs in a safe workspace or a checked-out copy (it will read source code, CI files, Dockerfiles and may rename or write .ralph-report.md). - If you do not want any code executed, restrict the agent from running shell commands or performing PoC verification; treat VERIFIED findings that require PoC as manual actions. - Review report outputs and any file renames before committing them to source control. - Prefer running this skill on non-production or CI snapshots when you want it to perform any potentially disruptive verification steps. If you need stricter guarantees (no execution, no writes), require the skill to operate in read-only mode or provide a configuration that disallows PoC/execution steps.

Purpose & Capability: okName/description (quick security spot-check) align with the instructions: the SKILL.md explicitly directs repository discovery, secret and OWASP-style checks, and lightweight infra checks. No unrelated binaries, env vars, or external services are requested.
Instruction Scope: noteInstructions require reading repository files (git metadata, package manifests, Dockerfiles, CI configs, source code) and saving a report to .ralph-report.md — all relevant to the stated purpose. Be aware the VERIFY step allows code reading and 'PoC' style verification (VERIFIED), which could lead the agent to execute or construct proofs-of-concept if the agent is permitted to run commands; that behavior is coherent for a security audit but raises operational risk and should be limited or sandboxed in production environments.
Install Mechanism: okInstruction-only skill with no install spec and no code files; no downloads or external packages are pulled. Low install risk.
Credentials: okNo environment variables, credentials, or config paths are requested. The checks are file- and repo-focused, so required access is proportionate to the stated purpose.
Persistence & Privilege: okalways is false and the skill does not request persistent system-wide privileges. It writes/renames a report file in the workspace (.ralph-report.md) which is expected behavior for an audit tool; it does not claim to modify other skills or agent configs.