Back to skill
Skillv1.0.12
ClawScan security
Gws Modelarmor Sanitize Prompt · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 31, 2026, 6:34 PM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- This is a thin, instruction-only wrapper around the gws CLI to run a Model Armor sanitize-prompt command; it is internally consistent but relies on an external shared SKILL.md for auth so inspect that before use.
- Guidance
- This skill is a simple wrapper that calls the 'gws' CLI to sanitize prompts. Before installing or enabling it: (1) verify the 'gws' binary is the legitimate tool you expect and is installed from a trusted source; (2) open and read ../gws-shared/SKILL.md (or the output of 'gws generate-skills') to see what authentication or global flags it requires — that file may request credentials or configure behavior not declared here; (3) be aware that sanitized text will be sent to whatever backend 'gws' communicates with (likely a Google service), so avoid passing sensitive secrets through the prompt unless you trust that flow. If you cannot access or audit gws-shared, treat this skill with caution.
Review Dimensions
- Purpose & Capability
- okThe skill's name/description match what the SKILL.md instructs: run the 'gws modelarmor +sanitize-prompt' command. Requiring the 'gws' binary is coherent with the stated purpose and no unrelated binaries or installs are requested.
- Instruction Scope
- noteThe runtime instructions are narrow and only describe invoking the gws CLI with --template/--text/--json and reading stdin. However the SKILL.md explicitly points to ../gws-shared/SKILL.md for auth, global flags, and security rules and suggests running 'gws generate-skills' if missing — you should review that shared file because it governs authentication and any additional behavior not declared here.
- Install Mechanism
- okNo install spec and no code files (instruction-only). This minimizes risk from arbitrary downloads or writes to disk.
- Credentials
- concernThe skill itself declares no env vars or credentials, but it defers auth and global flags to ../gws-shared/SKILL.md. That external file may require credentials or configuration not visible here; the lack of declared credentials in this skill is therefore incomplete and should be verified by inspecting gws-shared.
- Persistence & Privilege
- okalways is false and the skill does not request system persistence or elevated privileges. Nothing in this SKILL.md indicates it will modify other skills or system-wide agent settings.