Back to skill
Skillv1.0.0
ClawScan security
Ghirardelli · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 29, 2026, 9:12 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, read-only knowledge card about the Ghirardelli brand; it requires no credentials, binaries, or installs and its behavior matches its description.
- Guidance
- This skill is a simple informational card about the Ghirardelli brand and appears internally consistent and low-risk: it has no code, no installs, and requests no secrets. If you care about provenance, note the registry metadata lists an owner ID but no homepage or source — if you require verifiable sourcing, ask the publisher for citations or prefer skills with a known homepage or repository. Otherwise this skill is safe to install for read-only brand/history lookups.
Review Dimensions
- Purpose & Capability
- okThe SKILL.md content is a factual brand overview and triggers for when to read that match the skill name and description. There are no unrelated requirements or capabilities requested.
- Instruction Scope
- okInstructions are limited to presenting brand history, business model, timeline, and facts. They do not instruct the agent to read files, access environment variables, call external endpoints, or perform actions outside the stated informational purpose.
- Install Mechanism
- okNo install spec or code files are present. This is instruction-only, so nothing is downloaded or written to disk by an installer.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. No sensitive information is requested or implied by the instructions.
- Persistence & Privilege
- okalways is false and there are no special persistence or system-modifying behaviors. The skill allows normal autonomous invocation (platform default), which is appropriate for an informational skill.