Skillv1.0.0

ClawScan security

Chef · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

ReviewMay 1, 2026, 5:30 AM

Verdict: Review
Confidence: high
Model: gpt-5.5
Summary: Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
Guidance: This skill appears safe to install as a cooking advice helper. As with any food-related guidance, users should still verify allergy, food-safety, and dietary-restriction advice for their own situation. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Findings: [pre-scan:unicode-control-chars] expected: A single control-character signal was reported, but the provided SKILL.md content shows only cooking instructions and emoji metadata, with no visible prompt-injection or hidden behavioral instruction.

Purpose & Capability: okThe skill’s instructions are coherent with its stated cooking-assistance purpose, covering recipes, substitutions, dietary adaptations, troubleshooting, and kitchen safety.
Instruction Scope: okThe instructions stay within culinary guidance and do not ask the agent to override user intent, use tools, access private data, or perform unrelated actions.
Install Mechanism: okThere is no install spec and no code files; the artifact is instruction-only.
Credentials: okNo binaries, environment variables, credentials, config paths, network access, or file access are requested.
Persistence & Privilege: okThe artifacts show no persistence mechanism, background activity, privilege escalation, memory storage, or long-running behavior.