Back to skill
Skillv1.0.0
ClawScan security
Sleep Wind Down Coach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 15, 2026, 1:07 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and requirements align with its stated purpose of producing a wind-down plan; it runs locally on provided input, requests no credentials, and has no install actions or network calls.
- Guidance
- This skill appears internally consistent and safe: it processes only the text you provide and produces a markdown wind-down plan, with no network calls or credential needs. It is not clinical advice—do not rely on it for medical decisions. Before enabling broadly, consider: (1) test with representative prompts to confirm the output meets your expectations, (2) avoid submitting sensitive personal health details if you prefer more privacy, and (3) note that autonomous invocation is allowed by default on the platform (normal behavior), so the agent could call it when relevant unless you disable or restrict that behavior.
Review Dimensions
- Purpose & Capability
- okName and description match the SKILL.md and the included handler.py: both create a markdown wind-down plan. There are no unrelated environment variables, binaries, or install steps requested.
- Instruction Scope
- okSKILL.md stays on-topic (collect bedtime/preferences and produce a plan). The runtime code only parses the input text and renders a markdown plan; it does not read unrelated files, access system state, or transmit data externally.
- Install Mechanism
- okNo install spec is provided. This is an instruction-only skill with a small local Python handler and tests; nothing is downloaded or written to arbitrary locations.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. The code does not attempt to read secrets or external configs.
- Persistence & Privilege
- okalways is false and the skill does not modify system or other-skill configuration. It makes no persistent changes or requests elevated privileges.