Skill v0.1.0

ClawScan security

Codex Delegate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 11, 2026, 5:44 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, requirements, and scope are consistent with its stated purpose of deciding when to delegate tasks to Codex; it is instruction-only and requests no credentials or installs.
Guidance
This skill is coherent and low-risk: it only provides guidance about when to delegate work to Codex and asks for no installs or secrets. Before using, remember the main-agent must still validate and accept any code changes Codex proposes — never let delegated execution bypass your final review. If you plan to have the agent actually run repository edits or tools, ensure the agent's runtime environment and any required credentials are configured separately and reviewed.

Review Dimensions

Purpose & Capability
ok: Name and description align with the SKILL.md: the skill's goal is to decide delegation to Codex, and it does not request unrelated binaries, env vars, or configs.
Instruction Scope
ok: The runtime instructions are limited to decision-making heuristics and output structure; they do not instruct the agent to read arbitrary files, exfiltrate data, call external endpoints, or access secrets.
Install Mechanism
ok: No install spec or code files are provided; this is instruction-only, so nothing will be written to disk or fetched at install time.
Credentials
ok: No environment variables, credentials, or config paths are required — the declared requirements are minimal and proportional to the skill's purpose.
Persistence & Privilege
ok: The skill does not request always:true or other elevated persistence. It is user-invocable and allows autonomous invocation (the platform default), which is appropriate for a routing/decision skill.