Back to skill
Skillv1.0.0
ClawScan security
One Man Conglomerate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 29, 2026, 6:48 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is instruction-only and its requests/instructions align with its stated purpose (multi‑agent orchestration); it does not request credentials, install code, or reference unrelated system artifacts.
- Guidance
- This skill is an instruction-only orchestration template and appears internally consistent. Before installing, verify the trustworthiness of the referenced dependent skills (agent-team-orchestration, agent-swarm, swarm-orchestrator, and video-monetizer) because those may perform network calls or request credentials for publishing/monetization workflows. If you are concerned about autonomous actions, keep autonomous invocation disabled at the agent level or review/limit the other skills' permissions. If you need higher assurance, inspect the implementations of the referenced skills to confirm they don't access unrelated secrets or external endpoints.
Review Dimensions
- Purpose & Capability
- okName/description (create and run a multi‑agent 'conglomerate') match the SKILL.md content. The metadata's listed dependent skills (agent-team-orchestration, agent-swarm, swarm-orchestrator) are coherent with an orchestration/orchestral agent skill.
- Instruction Scope
- okSKILL.md contains only high‑level orchestration instructions, templates, and usage examples for creating agent groups and roles. It does not instruct reading files, environment variables, system paths, or exfiltrating data to external endpoints beyond normal agent-to-agent orchestration.
- Install Mechanism
- okNo install spec and no code files are present (instruction-only), so nothing is written to disk or downloaded during install. This is the lowest-risk install model.
- Credentials
- okNo required environment variables, binaries, or config paths are declared. The skill does reference other skills (and a 'video-monetizer' in prose) which could themselves require credentials — but this skill itself does not request unrelated secrets.
- Persistence & Privilege
- okalways is false and model invocation is allowed (default). The skill does not request permanent system presence or modify other skills' configurations in the provided instructions.