Back to skill
Skillv1.0.0
ClawScan security
Self-Criticism · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 12:39 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and instructions are consistent with its stated purpose: it performs local, breakpoint-style self-critique and stores small, local files under ~/self-criticism/ without requesting network access or external credentials.
- Guidance
- This skill appears coherent and low-risk: it will create a small, private folder in your home directory (~/self-criticism/) and store short trigger/checkpoint notes there, and it does not require network access or credentials. Before installing, confirm you are comfortable with the skill creating those files and permissions (mkdir/touch/chmod). When it offers to update workspace files (SOUL/AGENTS or 'main memory'), verify the exact changes and approve them only if you trust the edits; ask the skill to show the exact diff it plans to write. If you need extra assurance, install and then inspect ~/self-criticism/{memory.md,checkpoints.md,incidents.md} to confirm no sensitive data is stored and that 'main memory' is being written only where you expect.
Review Dimensions
- Purpose & Capability
- okName/description match the behavior: the skill inserts critique breakpoints and stores small local trigger memory under ~/self-criticism/. It does not request unrelated credentials, binaries, or network access.
- Instruction Scope
- noteInstructions read/write only local files under ~/self-criticism/ and propose non-destructive edits to workspace SOUL/AGENTS files. The SKILL.md repeatedly states the skill will wait for explicit approval before writing workspace files. One minor ambiguity: 'Save the activation preference to the user's main memory' — it's not explicit where 'main memory' lives (workspace file, agent memory store, etc.).
- Install Mechanism
- okInstruction-only skill with no install spec and no code files — nothing is downloaded or installed. This is the lowest-risk install model.
- Credentials
- okNo environment variables, credentials, or external config paths are required. The only file paths referenced are the local ~/self-criticism/ files and optional workspace files (SOUL/AGENTS) which are relevant to the described integrations.
- Persistence & Privilege
- noteThe skill creates and maintains local state under ~/self-criticism/ (mkdir, touch, chmod 700/600). It is user-invocable and not always-enabled. It may propose edits to workspace files but repeatedly emphasizes asking for explicit approval before changes. This level of persistence is proportional to its purpose.