Skill v1.0.0

ClawScan security

Personal Ritual Designer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 19, 2026, 2:03 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files, runtime instructions, and requested resources are consistent with a descriptive personal-ritual design tool and do not request unrelated credentials, external installs, or system privileges.
Guidance
This skill appears coherent and low-risk: it contains a small local handler that analyzes text and returns JSON recommendations, no external network calls, and no credential requests. Things to consider before installing:
1) Source unknown — prefer skills from known authors or review provenance.
2) Review handler.py yourself (it's short) to confirm you’re comfortable with the code; the file contains some unused conditional branches which are harmless but sloppy.
3) Run the included tests in a sandbox to confirm behavior.
4) If you plan to share sensitive personal details, remember the skill is intended for descriptive reflection and not a replacement for professional advice.
If any unexpected network activity or credential prompts appear at runtime, do not proceed and report the skill.

Review Dimensions

Purpose & Capability
ok: Name, description, SKILL.md, and handler.py align: the code analyzes user text and returns structured ritual recommendations. The skill does not request credentials, binaries, or config paths that would be unrelated to a ritual-design tool. One minor oddity: handler.py contains many conditional branches comparing the hardcoded slug to other skill names (dead/unreachable branches), which appears to be copy/paste or templating noise but does not change behavior.
Instruction Scope
ok: SKILL.md stays within scope (designing rituals, safety disclaimers, no medical/legal advice). The code's runtime behavior (parse input, generate JSON recommendations) matches the documented scope and does not read files, call external endpoints, or access environment variables. The skill declares it does not store personal data and there is no persistence code in handler.py.
Install Mechanism
note: There is no install spec (lowest-risk install mechanism). However, this is not a purely instruction-only package: two local code files (handler.py and tests) are included. They are small, self-contained, and do not perform network or shell operations. The presence of executable script files is expected for a code-backed skill but worth noting — nothing is downloaded or written to disk by an installer.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. That is proportionate for a descriptive, offline text-analysis skill. No secrets or broad access are required.
Persistence & Privilege
ok: The skill does not request 'always: true' and does not attempt to modify other skills or system settings. There is no code that writes persistent state or installs background services. Autonomous invocation is allowed by default (platform normal) but combined with the low scope here this is acceptable.