Skill v1.0.0

ClawScan security

ocusMind - AI Brain Fog Clearer (Agent 脑雾清除神器) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 11, 2026, 1:39 PM)
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (analyzing and summarizing conversation context) and it does not request extra credentials or hidden installs, but there are a few minor inconsistencies and a couple of user-configurable features (webhook notifications, auto-trigger) that could transmit context if enabled.
Guidance
This skill appears to do what it says: local analysis, summarization, and goal extraction without asking for secrets. Before installing and enabling it, review these points:
1) Some files in the package were truncated in the listing — inspect the full auto_trigger and any omitted files to confirm they don't make unexpected network calls or spawn persistent background processes.
2) If you enable notifications and set a webhook URL, analysis payloads (which may include user messages or excerpts of context) will be POSTed to that URL — only configure webhooks you trust.
3) Auto-trigger/auto_cleanup features are disabled by default; if you enable them, verify the behavior and interval settings so the agent doesn't automatically send sensitive context.
4) The tool reads/writes files you point it to (load/save/export) and saves a local config.json under the package path; avoid giving it paths with sensitive data unless you trust it.
If you need higher assurance, run the code in an isolated environment, inspect the omitted files (auto_trigger, remaining scripts/tests) for network/system calls, and review any webhook URLs before enabling notifications.

Review Dimensions

Purpose & Capability
ok: Name/description (context health, summarization, goal extraction) align with the included Python code (check_context, summarize, extract_goals, export, cache, notify, etc.). The skill does not request unrelated credentials or binaries.
Instruction Scope
note: SKILL.md and the code instruct running local CLI/API operations and integrating into an agent heartbeat. That matches the code. Caveat: the notification module supports posting webhooks and will include analysis data (which may contain user context) if you configure a webhook; auto-trigger logic exists and can run periodic checks if enabled. Those behaviors are optional but can transmit context to an external endpoint if turned on.
Install Mechanism
note: Registry lists no install spec (instruction-only), but the bundle actually contains many code files. This is not harmful by itself, but it's an inconsistency: the skill includes runnable code even though no install steps are declared. No external downloads or unusual installers are present.
Credentials
ok: The skill declares no required environment variables or credentials and the code does not read any unexpected system credentials. The only potential data flow to external systems is through an explicit webhook notifier (user-configured URL).
Persistence & Privilege
ok: The skill is not 'always' enabled and does not request elevated platform privileges. It reads/writes files only when invoked (load/save/export) or when the user enables file notifications; config is stored in a local config.json within the package directory by default. Auto-trigger is disabled by default.