Skill v1.0.0

ClawScan security

Functional PRD Writer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 29, 2026, 4:25 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only PRD/template writer that is internally consistent with its description and requests no installs, credentials, or system access.
Guidance
This skill is a content/template-only PRD writer and appears safe to install from a permission standpoint. Before using it, note: (1) the default output language is Chinese — specify English if you need it; (2) don’t paste sensitive or proprietary data into prompts unless you intend that content to become part of generated documents; (3) review generated PRDs for accuracy and completeness (the skill can confidently produce precise constraints, but you must verify domain-specific rules or security requirements); and (4) although the skill requests no credentials or installs, always vet the skill publisher/source if you require stronger provenance guarantees.

Review Dimensions

Purpose & Capability
ok: Name and description match the included SKILL.md and reference templates: the skill's goal is to generate implementation-focused functional PRDs, and all required files are templates and guidance consistent with that purpose.
Instruction Scope
ok: The SKILL.md instructs the agent to produce PRDs (in Chinese by default) and to consult the included reference files when appropriate. There are no instructions to read arbitrary host files, access environment variables, contact external endpoints, or exfiltrate data.
Install Mechanism
ok: No install spec and no code files beyond markdown references — nothing is written to disk or pulled from external URLs during install.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. There is no disproportionate request for secrets or unrelated service keys.
Persistence & Privilege
ok: always is false and the skill does not request persistent presence or system-level configuration changes; autonomous invocation is allowed but that is the platform default and not combined with other red flags.