Skillv1.0.0

ClawScan security

do-nothing-0316 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 16, 2026, 7:26 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code and runtime instructions match its stated purpose (a placeholder that does nothing); it requests no credentials, installs, or external access.
Guidance: This skill is coherent with its description: it's a safe, minimal no-op placeholder. It doesn't require secrets or perform network or file access. You can install it for testing or as a placeholder; do not rely on it for production behavior because it intentionally performs no work. If you need a no-op that logs or enforces safety checks, consider implementing those features separately.

Purpose & Capability: okName/description state a no-op placeholder. Included files (SKILL.md and do_nothing.py) implement only no-op functions and a trivial CLI demo. There are no unrelated requirements.
Instruction Scope: okSKILL.md describes only returning 'complete' / doing nothing, declares no parameters, and contains no instructions to read files, env vars, or network endpoints. The code likewise performs no I/O or external communication.
Install Mechanism: okNo install spec is present (instruction-only with a small Python module). Nothing is downloaded or written to disk beyond the provided file.
Credentials: okNo environment variables, credentials, or config paths are required. The skill does not access any hidden environment variables.
Persistence & Privilege: okalways is false and the skill does not modify agent configuration or request persistent privileges. It is user-invocable and can be called autonomously by the agent (normal default) but has no side effects.