ClawHub
Back to skill
v1.0.0

OGT Docs

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:28 AM.

Analysis

This is a coherent instruction-only documentation workflow, with the main caveat that it tells the agent to treat project docs as authoritative.

GuidanceThis skill appears safe to install as an instruction-only docs workflow. Before using it, make sure the project docs/ directory is trusted and current, and separately review any referenced ogt-docs sub-skills you install.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
SeverityLowConfidenceHighStatusNote
SKILL.md
Conflicts RESOLVE in favor of documentation ... If docs say X and code does Y → CODE IS WRONG

The skill makes project documentation authoritative over code when guiding the agent. This is central to the docs-first purpose, but it means untrusted or outdated docs could redirect the agent's implementation choices.

User impactIf the project docs contain incorrect or malicious guidance, the agent may prefer that guidance over the actual code behavior.
RecommendationUse this skill only with project docs you trust, and manually review high-impact changes when docs and code disagree.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
SKILL.md
For specific tasks, use the specialized sub-skills listed below.

The top-level skill routes to other named sub-skills that are not part of this artifact set. That is disclosed and coherent for a router skill, but those separate skills are outside this review.

User impactThe actual behavior for specific documentation tasks may depend on separately installed sub-skills.
RecommendationReview any referenced ogt-docs sub-skills before relying on them for edits, audits, or project workflow changes.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
Documentation is the database of decisions. Code is merely its implementation.

The workflow treats persistent documentation as durable decision context. This is expected for the skill, but persistent docs can influence future agent actions if they are stale, overly broad, or poisoned.

User impactLong-lived docs may shape future tasks and code changes even when they contain outdated assumptions.
RecommendationKeep docs reviewed, limit authoritative docs to trusted project areas, and avoid storing secrets or unreviewed instructions in docs/.