Skill v1.0.0

ClawScan security

Chinese Journal Paper · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 14, 2026, 10:27 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions are consistent with its stated purpose (scanning a code repo to extract contributions and draft a Chinese academic paper); it does not request extra credentials or install anything, but users should still review outputs and avoid scanning repos that contain sensitive secrets or unpublished proprietary data.
Guidance
This skill appears to do what it says: scan a codebase and draft a Chinese journal-style paper. Before using it: (1) only run it against code you are allowed to analyze/share—repos may contain secrets or proprietary data; (2) treat generated experiments, results, and contribution statements as drafts—do not submit without running real experiments, verifying claims, and completing references; (3) the skill explicitly warns against fabricating citations, but you should still run plagiarism and similarity checks and ensure authorship/ethics compliance; (4) provide the necessary experimental data, baselines, and reference list yourself (the skill provides templates and placeholders but will not reliably invent validated results). If you need the skill to process private repositories, consider sanitizing confidential files or extracting only the public technical files first.

Review Dimensions

Purpose & Capability
ok
The name and description claim code-repository scanning and paper drafting; the SKILL.md only asks the agent to discover source files, extract technical details, and format a paper—all coherent with the stated purpose. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
ok
Runtime instructions focus on locating source files by extension/path heuristics and converting implementation details into academic prose and experiment templates. The skill does not instruct the agent to read unrelated system files, environment variables, or contact external endpoints. It explicitly forbids fabricating references and flags missing experiment data as placeholders.
Install Mechanism
ok
This is an instruction-only skill with no install spec and no code files to execute or write to disk; that minimizes install-time risk.
Credentials
note
The skill requests no env vars, credentials, or config paths (proportionate). However, scanning a code repository can expose secrets or proprietary information embedded in code—this is a natural consequence of its purpose, not a requested capability. Users should avoid running it on repos that contain private keys, credentials, or data they cannot disclose.
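The Guidance (item 1 and the closing advice to sanitize private repositories first) and the Credentials note both reduce to one pre-flight check: decide which files the skill is allowed to read before it reads any of them. The script below is an added example, not code from ClawHub or from the Chinese Journal Paper skill. It walks a checkout, keeps only files that look like shareable source by extension, and quarantines anything whose name or content looks like key material or a hard-coded credential, so the quarantined set can be reviewed or removed before the skill is pointed at the directory. The extension list, skip list, secret patterns and the sample repository it builds are all assumptions chosen for illustration.

```python
"""Pre-scan triage: separate shareable source from likely secrets.

Added example (not ClawHub's or the skill's own code). Lists and regexes
are illustrative assumptions; extend them for your own codebase.
"""
import os
import re
import tempfile
from pathlib import Path

# Extensions the skill is expected to read (assumed list).
SOURCE_EXTENSIONS = {".py", ".js", ".ts", ".go", ".rs", ".java", ".c", ".h",
                     ".cpp", ".md", ".toml", ".yaml", ".yml", ".json"}
# Directories that are build output or third-party code (assumed list).
SKIP_DIRS = {".git", "node_modules", "vendor", "target", "__pycache__", "dist", "build"}
# File names that conventionally hold credentials or private keys.
SECRET_FILENAMES = re.compile(
    r"(^\.env(\..*)?$|\.pem$|\.key$|\.p12$|\.pfx$|^id_(rsa|ed25519|ecdsa)$"
    r"|credentials\.json$|^\.netrc$)", re.I)
# Key material with a fixed, case-sensitive shape.
KEY_MATERIAL = re.compile(
    r"-----BEGIN [A-Z ]*PRIVATE KEY-----|AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{36}")
# Generic "name = 'value'" assignments whose name suggests a secret.
GENERIC_SECRET = re.compile(
    r"(api[_-]?key|secret|token|passw(or)?d)\s*[=:]\s*['\"][^'\"\s]{8,}['\"]", re.I)
MAX_BYTES = 1_000_000  # only inspect the head of very large files


def looks_secret(path: Path) -> bool:
    """True if the file name or its leading content matches a secret pattern."""
    if SECRET_FILENAMES.search(path.name):
        return True
    try:
        with open(path, "rb") as f:
            text = f.read(MAX_BYTES).decode("utf-8", errors="ignore")
    except OSError:
        return True  # unreadable: do not assume it is safe to share
    return bool(KEY_MATERIAL.search(text) or GENERIC_SECRET.search(text))


def triage_repo(root) -> dict:
    """Classify every file under root as source, quarantine or ignored.

    Quarantine takes priority over the extension check, so a .py file that
    embeds an API key is withheld even though .py is a source extension.
    """
    root = Path(root)
    result = {"source": [], "quarantine": [], "ignored": []}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]  # prune in place
        for name in filenames:
            p = Path(dirpath) / name
            rel = p.relative_to(root).as_posix()
            if looks_secret(p):
                result["quarantine"].append(rel)
            elif p.suffix.lower() in SOURCE_EXTENSIONS:
                result["source"].append(rel)
            else:
                result["ignored"].append(rel)
    for bucket in result.values():
        bucket.sort()
    return result


# Constructed sample repository; contents are made up for this example.
SAMPLE_FILES = {
    "src/main.py": "import os\nDB_URL = os.environ['DB_URL']\n",
    "src/config.py": "API_KEY = 'sk-live-0123456789abcdef'\n",
    ".env": "DB_URL=postgres://user:pw@db/app\n",
    "deploy/id_rsa": "-----BEGIN OPENSSH PRIVATE KEY-----\nAAAA\n-----END OPENSSH PRIVATE KEY-----\n",
    "README.md": "# demo\n",
    "node_modules/left-pad/index.js": "module.exports = x => x;\n",
    "assets/logo.png": "\x89PNG\r\n",
}


def build_sample_repo(base_dir) -> Path:
    """Write SAMPLE_FILES under base_dir and return its path."""
    base = Path(base_dir)
    for rel, content in SAMPLE_FILES.items():
        target = base / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(content, encoding="utf-8")
    return base


def run_demo() -> dict:
    """Build the sample repo in a temp dir and return its triage result."""
    with tempfile.TemporaryDirectory() as tmp:
        return triage_repo(build_sample_repo(tmp))


if __name__ == "__main__":
    for bucket, files in run_demo().items():
        print(f"{bucket}:")
        for rel in files:
            print(f"  {rel}")
```

Run it against a real checkout with `triage_repo("/path/to/repo")` and hand the skill only the `source` list (or a copy of the tree with the `quarantine` entries removed). Reading file content rather than trusting names alone is what catches `src/config.py` in the sample: its extension is legitimate, but the literal API key inside it is exactly the kind of data the Credentials note warns the skill would otherwise surface.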
Persistence & Privilege
ok
The skill does not request always:true and is user-invocable; it can be invoked autonomously per platform defaults but does not claim persistent or cross-skill privileges.