Skill v1.0.0
ClawScan security
Response Timing · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 8, 2026, 7:25 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only skill that gives heuristics for when an agent should reply in group chats; its requirements and instructions are coherent and proportionate to the stated purpose.
- Guidance: This skill is coherent and low-risk: it only contains heuristics for when to reply in group chat and requires nothing else. Before installing, decide whether you want the agent to be allowed to act proactively in ambiguous or 'emergency' cases—if not, restrict autonomous invocation or modify the skill to require explicit mention/confirmation. Test the behavior in a safe channel, confirm the agent's known names/nicknames match the guidance, and consider tightening the 'emergency' rule to avoid false positives.
Review Dimensions
- Purpose & Capability (ok): The name and description (deciding when to respond) match the SKILL.md content. The instructions are focused on chat heuristics (mentions @, name occurrences, task ownership) and do not request unrelated capabilities.
- Instruction Scope (note): The SKILL.md stays within the stated purpose and does not instruct the agent to read files, use external networks, or access credentials. It does, however, encourage proactive replies in 'emergency' or ambiguous cases (e.g., respond even without @ if '紧急'), which is a behavioral policy rather than a technical action — this could lead to unsolicited responses if the agent is permitted to act autonomously.
- Install Mechanism (ok): No install spec and no code files are present, so nothing is written to disk or installed; this is the lowest-risk model for a skill.
- Credentials (ok): The skill declares no required environment variables, credentials, or config paths and the instructions do not reference any. Requested access is proportionate (none).
- Persistence & Privilege (note): always:false and the skill is user-invocable. The platform-default ability for the agent to invoke skills autonomously combined with the policy to sometimes proactively reply (emergencies/uncertain cases) means you should be aware the agent could send unsolicited responses in some situations; this is a behavioral concern, not a technical privilege escalation.
