Skillv1.1.0

ClawScan security

Virtual Reading Group · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 20, 2026, 9:27 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only skill whose requests and instructions are coherent with its stated purpose: orchestrating multiple sub-agents to read papers, produce notes, and synthesize a discussion; it requires no installs, credentials, or unusual privileges.
Guidance: This skill appears internally consistent and does not ask for secrets or installs. Before running it, confirm: (1) the list of papers you provide — the agents will read any files/paths you give them, so do not point the skill at sensitive or private documents you don't want processed; (2) whether you allow network lookups — if you provide only local PDFs you avoid external fetching, but allowing 'web lookup' may cause the agent to fetch content from the internet; (3) that you are comfortable with verbatim quoting — templates require direct passages and granular citations which can reproduce copyrighted text. Also note the skill recommends specific internal models (opus/sonnet) — using them may affect cost/usage if applicable. If you want additional assurance, run the skill on a small, non-sensitive sample first and check outputs.

Purpose & Capability: okThe name/description match the actual behavior: spawning reader/response/synthesizer agents, reading provided papers, and writing structured outputs. It requests no unrelated binaries, env vars, or external credentials.
Instruction Scope: noteThe runtime instructions ask agents to read user-supplied paper files (or perform optional 'web lookup' based on paper descriptions) and to write many output files; this is expected for the skill. Be aware that 'web lookup' implies network fetches if the agent has network access, and the prompts require verbatim quotes from source papers which may reproduce copyrighted text.
Install Mechanism: okNo install spec or code files are included — the skill is instruction-only and does not download or install anything, which keeps the install surface minimal.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The instructions only reference user-provided inputs (paper paths, output directory, persona templates included in the bundle).
Persistence & Privilege: okalways is false and the skill does not request persistent or elevated platform privileges. Autonomous invocation is allowed by default (normal for skills) but not combined with other concerning requests.