Skill v1.0.0
ClawScan security
Intuition Development Guide · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 19, 2026, 2:03 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are internally consistent with a descriptive self-development tool and do not request credentials, execute network calls, or access system secrets.
- Guidance: This skill appears to be a benign, descriptive personal-development tool. Things to consider before installing:
  1. Review handler.py yourself (or ask a technical person) if you want to be sure the packaged code will only run locally and return JSON as shown; the file contains many redundant conditional branches (likely copy/paste) but no network, file writes, or secret access.
  2. ACCEPTANCE.md mentions 'No code execution' but the package includes executable code and tests; this is a documentation inconsistency, not evidence of malicious intent.
  3. Because the agent can invoke skills autonomously by default, be aware that the skill could be called without an explicit prompt; this is normal but worth noting. If you require absolute assurance, run the tests locally in an isolated environment before enabling the skill in a production agent.
Review Dimensions
- Purpose & Capability (ok): The name/description (teaching intuition development) align with the provided SKILL.md and handler.py behavior: the handler parses text input and returns structured JSON recommendations. The skill does not require credentials, binaries, or config paths. One minor mismatch: ACCEPTANCE.md lists 'No code execution' as a non-functional requirement, yet the repository includes handler.py (executable code) and tests; this likely reflects an internal documentation mismatch rather than suspicious behavior.
- Instruction Scope (ok): SKILL.md instructs only reflective prompts and journaling exercises and explicitly disavows providing professional advice. The runtime code (handler.py) only inspects the provided text, builds a small analysis object, and returns JSON. There are no instructions to read files, environment variables, system configuration, or to send data to external endpoints.
- Install Mechanism (ok): There is no install spec (instruction-only at registry level), so nothing will be fetched or written during an install step. Code files are present in the package, but no external packages or download URLs are used. Risk from installation is low.
- Credentials (ok): The skill requests no environment variables, no credentials, and no config paths. The handler.py does not access os.environ or any secret sources. The requested environment access is minimal and proportionate to the stated purpose.
- Persistence & Privilege (ok): The skill is not always-enabled and is user-invocable; autonomous invocation is allowed (platform default) but the skill does not request persistent presence or modify other skills or system settings. It does not persist user data between sessions according to the SKILL.md and the code.
