Back to skill
Skillv1.0.3
ClawScan security
Blog Editor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 4:19 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- An instruction-only Markdown blog editor whose declared purpose matches its instructions and it requests no extra installs, env vars, or privileges.
- Guidance
- This skill appears coherent and minimal: it only edits Markdown and asks no extra permissions. Before using, don't paste sensitive secrets or personally identifiable data into the draft (any text you provide will be processed by the agent/model). Also ensure you trust the agent's 'md' skill that the editor will use to save files, and test on a non-sensitive draft first if you want to confirm output filenames and storage location.
Review Dimensions
- Purpose & Capability
- okName and description (Markdown blog editing) align with the contents of SKILL.md and included files. The skill requires only the 'md' skill to write out edited Markdown, which is consistent with the stated purpose. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope
- okRuntime instructions are narrowly scoped to reading a provided Markdown draft, fixing grammar, enhancing thin sections (with in-line comments when additions are made), flagging structural suggestions for user approval, and outputting a revised Markdown file. The SKILL.md does not instruct the agent to read unrelated files, access environment variables, or transmit data to external endpoints beyond normal model invocation.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. This minimizes on-disk risk; there are no downloads, extracts, or third-party packages included.
- Credentials
- okThe skill requests no environment variables, secrets, or config paths. This is proportionate to the simple editing task. The only external dependency noted is the platform 'md' skill, which is appropriate for writing Markdown output.
- Persistence & Privilege
- okalways:false and no instructions to modify other skills or system-wide configuration. The skill does request saving an edited file under a modified filename, which is normal for this task and scoped to the user's content.