Sop Generator
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a benign instruction-only SOP-writing skill, with privacy notes around sensitive recordings and credential-location details in generated procedures.
This skill appears safe to install as an instruction-only SOP drafting aid. Before using it, make sure recordings and transcripts are appropriate to share with the agent or any external transcription service, and avoid putting passwords, tokens, or unrestricted credential details into generated SOPs.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private recordings or transcripts could be shared with third-party services if the user follows this workflow.
The skill suggests using external transcription or AI services with recordings/videos, which may contain sensitive business, client, or personal information.
Generate transcript (Loom has built-in transcription, or use Otter.ai, Rev, or Claude with the video)
Use approved transcription tools, review provider privacy terms, get any needed consent, and redact sensitive content before uploading.
Team SOPs could reveal where credentials or privileged account access details are stored.
The SOP template encourages documenting where login information can be found, which is useful for operations but can expose account-access paths if shared too broadly.
Tool 1 (with login info location if applicable)
Do not put passwords, tokens, or secret values in SOPs. Reference an approved password manager or vault entry by role/name and restrict SOP access to appropriate team members.