Skill v1.0.0
ClawScan security
Context Visualization · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 17, 2026, 8:28 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements, instructions, and bundled script are consistent with its stated purpose of estimating and visualizing context-token usage.
- Guidance: This skill appears to do what it says: it will read the workspace files you point it at and the memory/ directory to estimate token usage and produce a local breakdown. Before running, make sure you pass a workspace path that does not contain sensitive secrets or unrelated system files (avoid pointing it at / or your home directory). The script outputs filenames, sizes, and token estimates locally — it does not contact external endpoints — but you should still review its output before sharing it. If you want extra safety, run the script on a copy of the workspace or a limited test directory first. Additionally, note that token counts are estimates (the script uses ~4 chars/token and a fixed system overhead value).
Review Dimensions
- Purpose & Capability (ok): Name and description match the actual behavior: the included script estimates token counts for named workspace files and the SKILL.md instructs calling session_status to get model/context usage. No unrelated binaries, env vars, or external services are requested.
- Instruction Scope (note): Instructions are narrowly focused on running the bundled estimator and calling session_status. The estimator reads workspace files and the memory/ directory to produce counts and an inventory — this is necessary for the stated task but means the skill will read and report filenames, sizes, and token estimates for any files under the provided workspace path. That could expose sensitive filenames or content if you point it at a directory containing secrets; the SKILL.md does not instruct any external transmission of the data.
- Install Mechanism (ok): No install spec or external downloads. The skill is delivered with a small local Python script (no network activity or third-party packages). Risk from installation is minimal.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The only required capability is read access to the workspace path you provide (and to memory/ beneath it), which is proportionate to estimating context usage.
- Persistence & Privilege (ok): The skill is not always-enabled and does not request persistent/system-level privileges or modify other skills. It runs on-demand and only reads local files when invoked.
