Skill v1.0.0
ClawScan security
Open Source · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Mar 5, 2026, 11:16 PM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's declared purpose (discovering, evaluating, self-hosting, maintaining, and publishing open-source projects) aligns with its instructions and required artifacts; it is instruction-only, requests no credentials, and only persists work under ~/open-source/ as described.
- Guidance: This skill appears internally consistent and does not request credentials or network access, but it will create and maintain files under ~/open-source/ and store activation preferences in persistent memory. Before installing or enabling persistent behavior, confirm you’re okay with the skill writing to that directory and saving activation rules; avoid putting secrets or credentials into the skill’s working files; review any proactive activation prompts (whether it should run automatically when 'open source' is mentioned) and disable automatic activation if you prefer explicit invocation only. If you plan to use it for publishing or release automation, do not allow it to run actions (pushes, publishes) without explicit, per-action confirmation.
Review Dimensions
- Purpose & Capability
  - ok: Name, description, and all included documents (discovery framework, maintainer ops, self-host screen, publishing playbook, memory template, setup) are consistent with a skill for evaluating and running open-source projects. No unrelated binaries, credentials, or external services are requested.
- Instruction Scope
  - note: Runtime instructions direct the agent to read the bundled setup.md and to create/maintain files under ~/open-source/ (memory.md, discovery-log.md, roadmap.md, publishing-checklist.md) to persist context. This is coherent for the stated purpose, but it grants the skill permission to read/write that path and to store persistent context and activation preferences; users should confirm they are comfortable with that local persistence.
- Install Mechanism
  - ok: No install spec or code is present; the skill is instruction-only, so nothing is downloaded or written by an installer. This is low-risk and proportionate to the stated functionality.
- Credentials
  - ok: The skill requests no environment variables, credentials, or external config paths beyond the documented ~/open-source/ working area. The requested scope of access matches its needs for local notes and scoring artifacts.
- Persistence & Privilege
  - note: The skill persists state under ~/open-source/ and asks to store activation choices in memory so behavior carries across sessions. always:false is set and no extra privileges are requested, but persistent local storage and proactive activation choices are meaningful behaviors the user should authorize.
