Back to skill
Skillv1.0.0
ClawScan security
Validate Idea · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 14, 2026, 2:02 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- Instruction-only coaching skill that stays within its stated purpose (validating business ideas using a sales-first, manual-validation framework) and requests no credentials or installs.
- Guidance
- This is an instruction-only coaching skill that appears coherent and low-risk: it asks questions and recommends manual sales-based validation without requesting credentials or installing anything. Before installing, consider that the skill will prompt for business details (customer descriptions, pricing, conversations) — avoid entering sensitive secrets or proprietary documents you don't want stored or sent elsewhere. Also watch for any future versions that add integrations (email, payments, analytics) or request API keys; those would materially change the risk profile and should be reviewed before use.
Review Dimensions
- Purpose & Capability
- okThe name and description (validating ideas via sales/manual validation) match the SKILL.md content. All guidance is consistent with the stated minimalistic entrepreneurial framework.
- Instruction Scope
- okRuntime instructions are conversational: ask targeted questions, guide manual validation, and produce a verdict. They do not direct the agent to read files, access system state, or transmit data to external endpoints.
- Install Mechanism
- okNo install spec and no code files — nothing is written to disk or downloaded. Low install risk.
- Credentials
- okNo required environment variables, credentials, or config paths are requested. The behavior described does not require additional secrets or cloud access.
- Persistence & Privilege
- okalways is false and the skill does not request or modify other skills or agent-wide settings. Normal autonomous invocation is allowed (platform default) and is not excessive here.