Back to skill
Skillv1.0.0
ClawScan security
performance-review-writer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 18, 2026, 7:32 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only template generator for writing performance reviews and its requested resources and behavior are consistent with that purpose.
- Guidance
- This skill appears internally consistent and low-risk technically, but keep privacy in mind: performance reviews contain sensitive personal and personnel data. Before using, confirm where your agent sends prompts/responses (third‑party model endpoints and retention policies), comply with your organization's HR/privacy rules, avoid pasting highly sensitive identifiers if you are unsure, and consider disabling autonomous invocation or using a local model if you need stricter control. If you want stronger assurance, prefer a skill from a known source or with a homepage/documentation.
Review Dimensions
- Purpose & Capability
- okName and description match the content of SKILL.md. The skill only provides templates and guidance for reviews and does not request unrelated binaries, credentials, or system access. (Note: source/homepage are unknown, which reduces transparency but does not create an incoherence.)
- Instruction Scope
- okSKILL.md contains only templates, phrasing examples, rating guidance, and instructions for composing reviews. It does not instruct the agent to read files, access environment variables, call external endpoints, or perform other out-of-scope actions.
- Install Mechanism
- okNo install spec and no code files — instruction-only skills have minimal disk/system footprint and this is appropriate for a text/template generator.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths; this is proportionate for its purpose.
- Persistence & Privilege
- okalways is false and the skill does not request elevated persistence or to modify other skills or system settings. Note that model invocation is allowed by default (agent may call the skill autonomously), which is normal for skills and not a red flag here.