Skill v1.0.0

ClawScan security

Roast My Code · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 4, 2026, 11:12 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
An instruction-only 'Roast My Code' skill that asks users to paste code and returns humorous, educational reviews; it requires no installs, credentials, or system access and its instructions align with the stated purpose.
Guidance
This skill appears coherent and low-risk as long as you treat it like any chat tool: do not paste secrets, API keys, proprietary code, or confidential data into the chat. The skill's source and homepage are missing—if you need stronger provenance or an audit trail, prefer tools with a known author/repository or run reviews locally. If you plan to allow autonomous agent actions broadly, re-check permissions (though this particular skill does not request credentials or install components).

Review Dimensions

Purpose & Capability
ok
The skill's name and description match the runtime instructions: it expects code text input and produces roast-style reviews. It does not request unrelated binaries, environment variables, or config paths. (Note: the package provenance/homepage is missing, which affects trust but not internal coherence.)
Instruction Scope
ok
SKILL.md contains examples and instructions for producing roasts from code pasted by the user; it does not direct the agent to read files, access environment variables, or send data to external endpoints beyond the normal chat response. The instructions stay within the stated entertainment / educational scope.
Install Mechanism
ok
No install spec or code files are present (instruction-only). Nothing is written to disk or downloaded, which minimizes installation risk.
Credentials
ok
The skill declares no required environment variables, credentials, or config paths. There is no disproportionate credential request for the described functionality.
Persistence & Privilege
ok
Flags: always=false and user-invocable=true. disable-model-invocation is false (agent could invoke autonomously), which is the platform default; because the skill requests no broad access or credentials, this default autonomous invocation does not increase risk here.