Skillv1.0.0

ClawScan security

小象中医体质辨识 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 10, 2026, 1:16 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requested resources and runtime instructions align with its stated purpose (a guided 9‑question TCM constitution inquiry and local food recommendation lookup); it is instruction-only, requires no credentials, and does not perform unexpected actions.
Guidance: This skill is internally consistent and low-risk from a platform perspective (no external network calls, no credentials, no installers). Before installing, consider: (1) Privacy — the skill collects personal health details during the Q&A (treated as sensitive); avoid entering highly sensitive identifiers. (2) Medical liability — recommendations are informational and based on the included food-list; they are not a substitute for professional medical diagnosis/treatment. (3) Content accuracy — the food-list is large and domain-specific; if you rely on this for health decisions, have a qualified practitioner or clinician review it. (4) Offline safety — because the skill is instruction-only and packaged with its food list, there is no code that will run outside the agent; still verify that the agent will not be configured to forward conversation transcripts to third-party endpoints if you have privacy concerns.

Review Dimensions

Purpose & Capability: okThe skill's name/description (TCM constitution inquiry + food recommendations) match the runtime instructions: a prescribed 9-question interaction, local classification rules, and food recommendation logic based on the included references/food-list.md. It does not request unrelated binaries, environment variables, or cloud credentials.
Instruction Scope: okSKILL.md strictly defines the conversation flow: ask nine ordered questions, remember user answers, derive up to three TCM '证素', and select 3–5 foods by scoring against the included references/food-list.md. The only file it reads is the packaged references/food-list.md (documented). It does not instruct reading other system files, environment variables, or sending data externally.
Install Mechanism: okNo install spec and no code files — this is instruction-only. Nothing is downloaded or written to disk by an installer, so there is no install-time execution risk from external URLs or packages.
Credentials: okThe skill declares no required environment variables, credentials, or config paths and the SKILL.md does not reference any external secrets. Required resources are proportional and limited to the included food-list content and in-memory conversation state.
Persistence & Privilege: okThe skill is not always-enabled and does not request special persistence or privileges. It does require remembering user answers during an interaction (normal conversational state) but does not request writing configuration, modifying other skills, or long-term storage.