Skill v1.0.0

ClawScan security

complex-bug-debugging-with-ai-en · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 27, 2026, 2:10 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions, scope, and requirements are coherent with its stated purpose (a structured human×AI debugging workflow); it is instruction-only, requests no credentials or installs, and does not contain obvious mismatches or unexplained privileges.
Guidance
This skill is internally consistent and behaves like a disciplined debugging playbook. Before enabling it:
1) Only use it with agents that have carefully scoped, auditable access to the systems you want debugged (prefer least-privilege, ephemeral credentials).
2) Be prepared for the agent to request access to logs, source artifacts, SSH/K8s, and databases — grant those selectively and monitor audit logs.
3) Do not paste sensitive secrets into free-text prompts; use secure credential injection where possible.
4) Note the skill insists on a specific model capability (Opus 4.7); confirm your agent/model environment meets that requirement or the skill will refuse to proceed.
5) If you need tighter controls, require human approval before the agent executes any commands or fetches artifacts from production.

Review Dimensions

Purpose & Capability
ok: The name/description (a 7-phase collaborative debugging workflow) matches the SKILL.md instructions. The document explicitly requires powerful runtime capabilities (code read/grep, K8s/SSH access, DB access, log access, network experiments) — those are reasonable and proportionate to a complex-debug workflow. The skill does not ask for unrelated capabilities or credentials.
Instruction Scope
note: SKILL.md instructs the agent to perform evidence-driven debugging: request logs, read code, run experiments, and even compare/decompile artifacts in some cases. This is within scope for debugging, but it means the agent will ask to access potentially sensitive system data (logs, configs, binaries, DBs, network endpoints). The instructions also explicitly prevent unsafe behavior (no subjective claims, stop when capabilities are missing).
Install Mechanism
ok: No install spec and no code files — instruction-only. This is the lowest-risk install profile (nothing is downloaded or written by the skill itself).
Credentials
ok: The skill declares no required environment variables or credentials. Although the workflow expects access to systems (K8s, SSH, DB, logs), it does not demand unrelated secrets or hidden credentials. Any runtime requests for credentials would be proportional to the debugging task, but they are not pre-declared by the skill.
Persistence & Privilege
ok: always:false and no install or persistent changes requested. The skill can be invoked normally; it does not request forced inclusion or modification of other skills/configs.