Back to skill
Skillv1.0.0
ClawScan security
Johnson And Johnson Corp · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 5:11 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This is a content-only company reference skill with no code, install steps, credentials, tools, or persistence requested.
- Guidance
- From a security perspective, this appears safe to install as an instruction-only reference skill. As with any factual reference, verify business and financial figures against current authoritative sources before relying on them.
Review Dimensions
- Purpose & Capability
- okThe stated purpose is to explain Johnson & Johnson's history, business split, product lines, market position, and financial data; the SKILL.md content matches that purpose.
- Instruction Scope
- okThe skill provides informational reference content and read_when triggers only; it does not instruct the agent to run commands, use tools, override user intent, or perform account actions.
- Install Mechanism
- okThere is no install specification, no code file, and no package or binary requirement.
- Credentials
- okThe artifacts request no environment variables, credentials, config files, OS access, network access, or capability tags.
- Persistence & Privilege
- okNo persistence, background execution, privilege escalation, stored memory, or autonomous behavior is described.