Back to skill
Skillv1.0.0
ClawScan security
Service Qa Coach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 14, 2026, 12:27 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with its stated purpose: it is an instruction-only QA/coaching helper that processes user-supplied notes and emits a markdown brief without requesting credentials, installing software, or accessing external systems.
- Guidance
- This skill appears coherent and low-risk: it only analyzes user-provided notes and returns a markdown QA coaching brief. Before installing or using it, avoid pasting sensitive customer PII or confidential records into the input (the skill will process whatever text you provide). Be aware the analysis is heuristic (simple substring matching) and can misclassify or miss nuances; do not use its output as the sole basis for disciplinary, legal, or compliance decisions. If you need guaranteed privacy or stronger accuracy, consider running the code in your own vetted environment or augmenting it with richer data and human review.
Review Dimensions
- Purpose & Capability
- okThe name/description (Service QA Coach) matches the code and SKILL.md: both implement heuristic analysis of user-supplied support notes and produce a QA/coaching brief. There are no environment variables, binaries, or external services required that would be unexpected for this purpose.
- Instruction Scope
- okSKILL.md explicitly forbids connecting to live ticketing, recordings, CRMs, or customer records. The provided handler.py only normalizes input, performs local keyword matching, and renders a markdown brief; it does not read files, call networks, or access environment credentials. The skill does instruct the agent to rely on user-supplied notes only — which is coherent with the declared scope.
- Install Mechanism
- okNo install spec is provided (instruction-only). Two Python files are included but there is no package download, no installers, and nothing is written to disk beyond normal execution. This is low-risk from an installation perspective.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths. The functionality (text heuristics and rendering) does not require any secrets or system-level access, so the lack of requested credentials is proportionate.
- Persistence & Privilege
- okThe skill does not request always: true, does not modify other skills or global agent settings, and contains no code to persist credentials or alter system configuration. Autonomous invocation remains enabled by platform default but that is expected and not excessive here.