Back to skill
Skillv1.0.0
ClawScan security
Linear App · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 27, 2026, 11:03 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, readme-style skill that summarizes the Linear App; it requests no credentials, installs nothing, and its behavior matches its description.
- Guidance
- This skill is an offline, read-only summary of the Linear product and appears safe to add: it asks for no secrets, installs nothing, and contains only descriptive text. One caution: the skill's source/homepage is unknown—if you need stronger provenance for installed skills, prefer ones published by known authors or with a homepage. Also note this skill cannot act on your Linear account (no API keys/integration), it's only informational.
Review Dimensions
- Purpose & Capability
- okThe skill's name and description (Linear App research) match the SKILL.md content, which is a product history/analysis. There are no unrelated requirements (no env vars, binaries, or installs) that would be incoherent with the stated purpose.
- Instruction Scope
- okSKILL.md is a static, prose research/informational document (in Chinese) with 'read_when' cues and product analysis. It does not instruct the agent to run commands, read filesystem paths, access environment variables, or transmit data to external endpoints.
- Install Mechanism
- okNo install spec is present and there are no code files. This lowest-risk model (instruction-only) writes nothing to disk and performs no installation steps.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. There is nothing disproportionate requested for the stated informational purpose.
- Persistence & Privilege
- okalways is false and the skill does not request persistent presence or system configuration changes. Autonomous invocation is allowed by default but there are no privileged actions described.