Skill v1.0.0

ClawScan security

Thinking Partner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 17, 2026, 10:51 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only 'thinking partner' that asks questions and takes notes; it requests no installs, binaries, or credentials and its behavior matches the stated purpose.
Guidance
This skill appears coherent and low-risk, but it's somewhat vague about where it will find and store 'notes' or 'existing context.' Before installing or enabling it for autonomous use: 1) confirm what data sources the agent will consult (conversation history only vs. user files or external note services), 2) confirm whether the 'running log' is stored persistently and where, and 3) avoid exposing sensitive files or credentials to the agent unless you intentionally permit that access. If you need tighter control, restrict the skill's access to only the conversation context or test it in a safe environment first.

Review Dimensions

Purpose & Capability
ok: Name and description match the instructions. There are no declared binaries, environment variables, or installs that are unrelated to a conversational brainstorming role.
Instruction Scope
note: SKILL.md tells the agent to 'search for relevant existing notes or context' and to 'maintain a running log' but does not specify where notes come from or where logs are stored. This is ambiguous: depending on agent integration, it could mean only conversation history, or it could prompt the agent to access user files or external note services. The instruction set is otherwise limited to questioning, tracking insights, and summarizing.
Install Mechanism
ok: No install spec and no code files, so this is the lowest-risk, instruction-only kind of skill; nothing will be written to disk by an installer.
Credentials
ok: No required environment variables, credentials, or config paths are declared; nothing disproportionate is requested.
Persistence & Privilege
ok: always:false (default) and no requests to modify other skills or system-wide config. The skill can be invoked autonomously by the agent (platform default), which is expected for skills.