Skill v1.0.0
ClawScan security
PersonaNexus ClawHub Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 28, 2026, 1:52 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, documentation, and runtime instructions are internally consistent with the stated purpose of defining and compiling AI personalities; it does not request unexplained credentials or unusual system access.
- Guidance: This package appears to do what it claims: validate personality YAMLs, map between frameworks, and compile system prompts. Before installing: (1) run Python package installs inside a virtualenv to avoid affecting system Python; (2) review the full SKILL.md and any truncated sections (the provided SKILL.md was cut off) to confirm there are no hidden network behaviors; (3) inspect templates and any runtime code not shown here for unexpected I/O; and (4) treat the 'uv pip install' line as a probable typo — use plain 'pip install' unless you know what 'uv' is in your environment.
- Findings
[pre-scan-injection-signals-none] expected: Static pre-scan did not flag injection patterns. Given that this skill is primarily data transformation and schema validation, the absence of injection patterns is expected.
Review Dimensions
- Purpose & Capability: ok. The name/description (persona creation, mapping between personality frameworks, compiling prompts) matches the provided Python modules (parser, types, personality mappings, compiler, validator, CLI). Required binaries (python3, pip) are appropriate for a Python CLI/library. No unrelated cloud credentials or external services are requested.
- Instruction Scope: ok. SKILL.md instructions focus on installing Python dependencies, editing YAML templates, validating files, and compiling prompts. The documentation and code refer to local file operations and in-memory transforms; there are no instructions to read unrelated system files, access environment secrets, or transmit data externally in the visible content. The SKILL.md is truncated but begins a statement 'This skill does not make any network r...' suggesting no network calls are expected; the provided code excerpts show no outbound network behavior.
- Install Mechanism: note. There is no formal install spec (instruction-only), but the bundle includes Python source files and a requirements.txt. SKILL.md instructs the user to pip-install dependencies locally. This is a normal, low-risk pattern; the only minor oddity is the SKILL.md suggestion to use 'uv pip install' (probably a typo or reference to an alternate runner). No downloads from arbitrary URLs or archive extraction are present in the provided manifest.
- Credentials: ok. The skill declares no required environment variables or credentials and the code shown does not access os.environ or external API keys. Enumerations mention provider names (elevenlabs, azure, google, openai) but no credentials are requested — this is reasonable for a compiler/formatter library that can target different platforms without directly calling them.
- Persistence & Privilege: ok. The skill does not request always: true and does not claim to modify other skills or system-wide agent settings. It is user-invocable and allows autonomous invocation (platform default) which is expected for a skill that can be called by an agent.
