Skill v1.0.0

ClawScan security

Tools · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Feb 11, 2026, 1:20 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
An instruction-only skill whose requirements and instructions align with its stated purpose, but it is somewhat vague about how it persists or applies learned preferences.
Guidance
This skill is instruction-only and coherent with its stated purpose: it suggests and adapts tool recommendations using the included guidance files. Before installing, ask the publisher how learned preferences are persisted (where and how long data is stored, whether the skill will modify skills/config files or call external storage). Because the instructions are intentionally broad, consider whether you want the agent to invoke the skill autonomously (normal by default), and avoid sharing secrets in conversations. The skill may suggest tools that require credentials, but it does not itself request any. If you need stronger guarantees, ask for: (1) a description of persistence (no external storage or only platform-managed state), (2) logging/privacy policy, and (3) whether the skill ever reads or writes agent files or external endpoints.

Review Dimensions

Purpose & Capability
ok
Name/description (learning user tool preferences and adapting) matches the content of SKILL.md, criteria.md, and dimensions.md. The skill requests no binaries, env vars, or installs, which is consistent with a lightweight preference-tracking assistant.
Instruction Scope
note
Instructions stay within the declared purpose (choose and suggest tools, consult criteria/dimensions). However, they are high-level and grant broad discretion ('You can use ANY tool', 'Learn new ones instantly') without describing limits or what context may be gathered to make those decisions. The SKILL.md does not instruct reading system files, env vars, or contacting external endpoints, which is good, but its openness could let an agent perform broad web research or ask the user for context.
Install Mechanism
ok
No install spec and no code files, so nothing is written to disk or fetched at install time. Lowest-risk install footprint.
Credentials
ok
No required environment variables, credentials, or config paths are declared. Nothing requests unrelated secrets or access.
Persistence & Privilege
note
'always' is false (normal). The SKILL.md implies the agent should 'track' and potentially 'update' preferences, but provides no mechanism for persistent storage or how updates are recorded (e.g., modifying SKILL.md, platform storage, or external DB). Clarify where preferences are stored and whether the skill will modify agent files or store data externally.