Skill v1.0.0
ClawScan security
Focus Guard · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 4:48 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: An instruction-only session-management protocol that matches its description: it gives the agent rules for anchoring goals, logging decisions, and flagging scope drift and does not request credentials or install code.
- Guidance: This skill is internally consistent and low-risk: it's a prompt-level protocol for keeping multi-step sessions on-track and does not ask for credentials or install code. Before using it widely, decide how strict you want the guard to be: provide concrete examples or thresholds for 'major steps' and 'significant decisions' to avoid too-frequent interruptions or missed edge cases. If you plan to let autonomous agents use it, consider requiring explicit user confirmation for scope-expanding actions so the agent cannot proceed with non-essential changes without approval.
Review Dimensions
- Purpose & Capability: ok. The name/description (session coherence, decision tracking, resisting scope creep) directly matches the SKILL.md instructions. There are no unrelated environment variables, binaries, or install steps requested — nothing disproportionate to the stated purpose.
- Instruction Scope: note. All runtime instructions are limited to dialog-level behavior (create anchors, decision logs, ask for confirmation before reversing decisions, flag scope creep). This stays within the stated purpose. One area to note: some language is intentionally high-level/subjective (e.g., 'each major step', 'significant decision') and therefore gives the agent discretion to decide when to pause or flag; that could produce frequent prompts or inconsistent behavior unless the integrator/user provides tighter thresholds or examples.
- Install Mechanism: ok. There is no install spec and no code files — this is an instruction-only skill. That minimizes risk from code installation or unexpected binaries being written to disk.
- Credentials: ok. The skill declares no environment variables, no credentials, and no config paths. Nothing sensitive is requested or required for its operation.
- Persistence & Privilege: ok. The skill is not forced-always, and autonomous invocation is allowed only by the platform default. It does not request system-wide changes or modify other skills. This level of presence is appropriate for a session-protocol skill.
