Back to skill
Skillv1.1.0
ClawScan security
Advisory Committee · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 28, 2026, 10:09 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- Instruction-only skill that simulates a four-member advisory committee with no installs, credentials, or external endpoints — its requirements and instructions are coherent with its stated purpose.
- Guidance
- This skill is instruction-only and appears internally consistent with its stated purpose. Before enabling it broadly, confirm where the decision log will be stored (conversation only vs. persistent memory or external storage), how tie-breaks are resolved, and whether your agent will run the committee autonomously on triggers you care about. Avoid submitting sensitive or confidential proposals until you've verified the host's persistence and sharing policies, and test with non-sensitive examples first.
Review Dimensions
- Purpose & Capability
- okName/description (4-agent advisory committee) matches the SKILL.md and the included role definitions; no unexpected binaries, env vars, or external services are requested.
- Instruction Scope
- noteRuntime instructions stay within the advertised purpose (run four agents in sequence, produce per-agent verdicts, and append a decision-log row). Minor ambiguity: the skill doesn't specify tie-breaking rules, how much context each agent may use, or where the decision log is persisted (conversation only, memory store, or external storage). This is a functional omission rather than a safety mismatch.
- Install Mechanism
- okNo install spec and no code files — lowest-risk model. Nothing is downloaded or written to disk by the skill itself.
- Credentials
- okNo environment variables, credentials, or config paths are requested; requested permissions are proportionate to the described functionality.
- Persistence & Privilege
- okalways:false and autonomous invocation allowed (platform default). The skill does not request elevated or persistent platform privileges or modify other skills. Consideration: outputs/logs could be persisted by the host agent if that host saves conversation history or memory.