Skill v1.0.0

ClawScan security

Code Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 6, 2026, 11:14 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (a local codebase analysis/DDD identification tool) and request no external credentials or installs, but it will read arbitrary files under whatever path you point it at and the SKILL.md is permissive about what to analyze — so exercise caution about sensitive repos and where you run it.
Guidance
This skill appears to do what it says — it runs local Python analyzers over a repository you point it at and emits a report. Before running: (1) do not point it at root (/) or system directories; target only the repository you intend to analyze; (2) be aware reports may include configuration or secret values found in code/config files — consider running on a sanitized copy; (3) run the scripts in a sandboxed environment (container or VM) if you are uncertain; (4) review the generated report before sharing it with external services/models; and (5) note the DDD heuristics are name/pattern-based and may produce false positives, so validate findings manually. If you want higher assurance, provide the full scripts (untruncated) for a line-by-line review or run them in an isolated environment first.

Review Dimensions

Purpose & Capability
ok
Name/description (deep code/DDD analysis) align with included Python scripts (analyze.py and ddd-analyzer.py) that parse ASTs, walk source files, and generate reports. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
note
SKILL.md tells the agent to run the bundled analyzers against a provided --path and generate/interpret reports. That is within purpose, but the instructions give broad discretion to analyze any filesystem path the user supplies; the analyzer will read source files recursively and can include config files or secrets present in the target tree. SKILL.md does not explicitly warn about sensitive paths or outputs.
Install Mechanism
ok
No install spec; scripts are bundled and run with the local Python interpreter. There are no downloads, third-party package installs, or remote installers in the manifest.
Credentials
ok
The skill requests no environment variables, credentials, or config paths. The scripts perform local file analysis only (no obvious network libraries imported in visible code).
Persistence & Privilege
ok
The always field is false, and the skill does not request persistent privileges or modify other skills. Running it requires executing the bundled scripts only.