Skill v2.0.0

ClawScan security

Chinese Patent Writer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 14, 2026, 3:13 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requested actions and instructions (scan code, extract patentable features, and draft CNIPA‑style patent documents) are internally consistent with its name and description and do not request unexpected credentials or installs.
Guidance
This skill appears coherent for drafting CNIPA-style patents from code, but be careful before supplying real, unpublished or proprietary source: the skill explicitly tells the agent to scan repositories and extract features, so any code you provide may be processed by the agent and included in generated drafts. Recommendations before use:
(1) Do not upload secrets or proprietary code you cannot disclose; prefer minimal, redacted, or representative examples.
(2) Treat outputs as draft guidance only and have a qualified patent agent/attorney review and finalize filings.
(3) If you need confidentiality, confirm how the agent environment handles data (storage, telemetry, logs).
(4) Consider anonymizing or summarizing key technical features instead of providing full source.
(5) Be aware of the risks of AI-generated prior-art statements: keep humans in the loop to verify novelty and closest-prior-art statements and existing publications before filing.

Review Dimensions

Purpose & Capability
ok: The name/description say it will scan code/technical proposals and draft CNIPA-compliant patent documents; the SKILL.md precisely defines a Phase A (code scanning/feature extraction) and Phase B (claim/spec drafting) workflow. No unrelated binaries, credentials, or installs are requested.
Instruction Scope
note: The instructions explicitly direct the agent to discover and scan code repositories/files (file discovery rules, language list, prioritization, examples with explicit paths). This is expected for a code→patent writer but means the agent will read many source files (potentially sensitive). The SKILL.md does not instruct exfiltration to external endpoints or require secrets, but it leaves implementation of 'scanning' to the agent, so privacy of scanned code depends on how the agent is used and what the user supplies.
Install Mechanism
ok: No install spec and no code files; the skill is instruction-only. This is the lowest-risk install footprint; nothing is downloaded or written by the skill itself.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. The lack of declared credentials is consistent with an instruction-only drafting tool that operates over user-provided inputs.
Persistence & Privilege
ok: 'always' is false and the skill has no install persistence hooks. Autonomous invocation is allowed (platform default) but the skill does not request elevated or persistent privileges.