Back to skill
Skillv1.0.0
ClawScan security
Lindt · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 27, 2026, 11:03 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is a simple, instruction-only skill that provides static background and research prompts about the Lindt chocolate brand and requests no credentials, installs, or system access.
- Guidance
- This skill is a harmless, read-only research prompt about the Lindt brand. It asks for no credentials and installs nothing. If you plan to rely on facts (dates, revenue figures), verify them against authoritative sources because SKILL.md content can be outdated or simplified. Be aware that, like any skill, the agent may use it autonomously if allowed by your agent settings — disable autonomous invocation if you want manual control.
Review Dimensions
- Purpose & Capability
- okThe name/description (Lindt chocolate history and analysis) matches the SKILL.md content and there are no unrelated requirements (no env vars, binaries, or config paths).
- Instruction Scope
- okSKILL.md contains static research guidance and brand history for use when researching chocolate industry topics; it does not instruct reading files, accessing system state, or contacting external endpoints.
- Install Mechanism
- okNo install spec or code is included (instruction-only), so nothing is written to disk or downloaded during install.
- Credentials
- okThe skill declares no environment variables, credentials, or config paths — there is no disproportionate credential or secret access requested.
- Persistence & Privilege
- okThe skill is not marked always:true and does not request elevated presence; autonomous invocation is allowed by platform default but the skill itself makes no privileged requests.