Skill v1.0.0

ClawScan security

write-skills-demo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 2, 2026, 6:33 AM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions, files, and requirements are consistent with its stated purpose (teaching and testing how to write skills); nothing requested or installed is disproportionate to that purpose.
Guidance
This skill is coherent for skill authors and testers, but review and use it carefully:
1) it explicitly instructs agents to check local skill directories and to use convincing, high-pressure scenarios — avoid running those scenarios against production systems or with access to real secrets;
2) the guidance encourages forceful language and persuasion techniques (authority/commitment) which are effective for compliance but can be coercive if misused;
3) run tests in an isolated/sandbox environment, verify no sensitive files or credentials are referenced, and limit the agent's filesystem/network permissions while validating skills.

Review Dimensions

Purpose & Capability
ok: Name/description match the content: this is an authoring/testing guide for writing skills. The skill declares no binaries, env vars, or installs and none are required by the content.
Instruction Scope
note: SKILL.md contains detailed runtime/testing instructions that tell authors to run baseline and pressure scenarios, to have agents check ~/.claude/skills (and similar paths), and to craft realistic file paths (/tmp/payment-system) in tests. This is appropriate for a skill-testing guide, but it does reference local config/skill directories and encourages making scenarios appear "real" (which could be misused). The instructions do not ask the agent to exfiltrate secrets or contact external endpoints.
Install Mechanism
ok: No install spec and no code files to write to disk; instruction-only skill is lowest-risk for install mechanism.
Credentials
note: The skill declares no required env vars or config paths, yet the documentation explicitly references local skill directories (e.g., ~/.claude/skills, ~/.codex/skills) and suggests using real file paths in scenarios. This is not inherently inappropriate for a skills-testing guide, but it's a minor mismatch between declared requirements and referenced local paths that you should be aware of.
Persistence & Privilege
ok: The skill is not always-on and does not request special platform privileges or modify other skills' configuration. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.