Back to skill
Skillv1.0.0
ClawScan security
测试skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 16, 2026, 7:10 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, requirements, and behavior are internally consistent for a note-polishing tool and do not request unrelated credentials, installs, or system access.
- Guidance
- This skill appears coherent and low-risk for its stated purpose. Before using it, avoid pasting sensitive secrets or credentials into the text you want polished (names, tokens, or private PII), and test it first with non-sensitive samples to confirm the output style. Remember that "benign" here means the skill matches its description — it can still surface or reformat any sensitive content you provide, so review outputs before sharing externally.
Review Dimensions
- Purpose & Capability
- okName/description (polish notes) match the SKILL.md: all instructions focus on rewriting, clarity, tone, and preserving facts. No unrelated capabilities or requests (no cloud creds, no binaries).
- Instruction Scope
- okSKILL.md confines runtime behavior to transforming user-provided text, asking at most one clarifying question, and preserving facts. It does not instruct reading system files, environment variables, or sending data to external endpoints.
- Install Mechanism
- okInstruction-only skill with no install spec and no code files. Nothing is written to disk or fetched during install.
- Credentials
- okNo environment variables, credentials, or config paths are required; requested scope is minimal and appropriate for a text-polishing skill.
- Persistence & Privilege
- okalways is false and there is no special persistence or system-wide configuration. The skill can be invoked autonomously (platform default), which is normal for this type of skill.