Skillv1.0.1

ClawScan security

Boston Consulting · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 23, 2026, 5:05 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: An instruction-only, informational skill about BCG with no installs, no requested credentials, and no actions outside its stated purpose — appears coherent and low-risk.
Guidance: This is an informational, read-only skill that does not request credentials or install software. It appears safe to add for research or summarization about BCG. Note the skill's source/homepage is unknown — if you need authoritative or up-to-date corporate materials, consult BCG's official website or verified publications. If you plan to allow autonomous invocation, know that this skill only contains static content and does not perform external actions or access secrets.

Purpose & Capability: okThe name and description promise background information on Boston Consulting Group and strategic frameworks; the skill is an instruction-only document that provides exactly that. It does not declare unrelated binaries, env vars, or capabilities.
Instruction Scope: okSKILL.md contains background, timeline, business analysis and a 'read_when' list of research topics. It does not instruct the agent to read local files, access credentials, or transmit data to external endpoints. The instructions stay within an informational/research scope.
Install Mechanism: okNo install spec and no code files are present (instruction-only). Nothing is written to disk or downloaded by the skill, which minimizes installation risk.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. There are no requests for secrets or unrelated service tokens, which is proportionate to an informational skill.
Persistence & Privilege: okFlags show always: false and default model invocation settings. The skill does not request persistent or elevated privileges, and it does not modify other skills or system configurations.