Back to skill
Skillv1.0.0
ClawScan security
Review · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 8, 2026, 3:57 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only reviewer/critic whose declared behavior, runtime instructions, and requested resources are internally consistent and proportionate to its stated purpose.
- Guidance
- This skill is instruction-only and internally coherent for giving structured feedback. Before installing, consider privacy: the skill will analyze whatever content you provide, so avoid sending highly sensitive data unless you trust the host platform's logging/privacy policies. Autonomous invocation is allowed by default on the platform (normal), so check whether you want the agent to call this skill without explicit permission in each session. If you need reviews for very high-stakes or confidential material, prefer human review or confirm platform retention/usage policies first.
Review Dimensions
- Purpose & Capability
- okName and description ('professional reviewer and critic') match the SKILL.md content. The skill is instruction-only and does not request unrelated binaries, credentials, or config paths; everything it needs is guidance for producing reviews, which is appropriate for the stated purpose.
- Instruction Scope
- okSKILL.md contains structured review procedures, assessment scales, prioritization logic, and delivery formats. The instructions are self-contained and do not direct the agent to read arbitrary files, access system configuration, or transmit data to third-party endpoints. They do not ask for environment variables or other system secrets.
- Install Mechanism
- okNo install spec and no code files — this is the lowest-risk model (instruction-only). Nothing will be downloaded or written to disk by the skill itself.
- Credentials
- okThe skill declares no required environment variables, no primary credential, and no config paths. The SKILL.md does not reference hidden credentials or unrelated services. The requested access level is proportional to a reviewer skill.
- Persistence & Privilege
- okalways is false, and disable-model-invocation is default (false) which is normal. The skill does not request permanent presence or privileges to modify other skills or system-wide settings.