Back to skill
Skillv1.0.0
ClawScan security
Yi · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 10:36 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files and runtime instructions align with its stated I Ching/divination purpose; it is instruction-only with local Python code, requests no credentials, and contains no network or secret-exfiltration behavior.
- Guidance
- This skill appears internally consistent and implements local I Ching/divination logic only: it doesn't request credentials, call external endpoints, or read system secrets. Before installing, consider: (1) the publisher is anonymous and there is no homepage—if provenance matters, prefer skills from known authors; (2) the code is included in the bundle and readable, so you can inspect it yourself; and (3) if you need tighter guarantees, run it in an environment without network access. If you see future versions that add network I/O or request env vars (API keys, tokens), treat that as a new risk and re-evaluate.
Review Dimensions
- Purpose & Capability
- okName/description (I Ching/divination) match the included assets: a SKILL.md describing divination methods and two Python scripts that implement coin, number, and time-based hexagram generation and interpretation. No unrelated binaries, env vars, or cloud credentials are requested.
- Instruction Scope
- okSKILL.md instructs the agent on how to perform hexagram queries and how to simulate or accept user input for divination. It does not instruct reading arbitrary system files, accessing environment variables, or sending data to external endpoints. Runtime behavior is limited to local computation and returning JSON.
- Install Mechanism
- okNo install spec provided (instruction-only with bundled scripts). The code lives in the skill bundle and is readable; there are no downloads, third-party installers, or network fetches in the provided files.
- Credentials
- okThe skill declares no required environment variables, no primary credential, and no config-path access. The included code does not read env vars or request secrets.
- Persistence & Privilege
- okSkill is not always-enabled and uses the normal model-invocation default. It does not attempt to modify other skills or system-wide agent configuration.