Back to skill
Skillv1.0.0
ClawScan security
师生共创模式指导-高校科技成果转化方法论 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 16, 2026, 12:22 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requested resources and instructions are consistent with its stated purpose (a guidance assistant for teacher–student co-creation and tech transfer); it contains only documentation and a harmless placeholder script and does not request credentials, installs, or external endpoints.
- Guidance
- Content is internally coherent and appears safe: it’s documentation and templates for university teacher–student co-creation. If you plan to use it with sensitive/proprietary project details, verify the skill's provenance (source/homepage is unknown) and avoid pasting confidential IP or secret keys into prompts. If you require supply of institutional policies or integration with internal systems, prefer a vetted internal tool or confirm the author/publisher first.
Review Dimensions
- Purpose & Capability
- okThe name/description (高校师生共创模式指导助手) match the SKILL.md content: methodology, mode selection, team roles, and templates for technology transfer. There are no unrelated requirements (no env vars, no binaries).
- Instruction Scope
- okSKILL.md provides guidance, questions to ask users, checklists, templates, and theoretical background. It does not instruct the agent to read system files, access environment variables, or transmit data to external endpoints beyond normal user interaction.
- Install Mechanism
- okNo install spec is provided (instruction-only). The only code file is a small example.py placeholder that prints a message — no downloads, no archives, no extract steps.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. There are no requests for tokens, keys, or other secrets in the manifest or SKILL.md.
- Persistence & Privilege
- okThe skill is not always-enabled and does not request elevated persistence. Autonomous invocation is allowed by default (platform normal), but there are no additional privileges requested.