Skillv1.0.0

ClawScan security

PsyVector pv24 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 13, 2026, 9:21 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only role-playing skill for a business/cooperation manager persona and its declared requirements and behavior are coherent with that purpose.
Guidance: This skill appears internally consistent and safe to install from a permissions standpoint (it requests no creds or installs). Two practical cautions: (1) the workflow asks the agent to 'use tools' to research companies and decision‑makers — if you enable web-browsing or external plugins, expect it to collect public personal/company data; restrict tool permissions if you want to avoid profiling individuals or scraping sensitive data. (2) The skill enforces staying in-character; remind users how to exit the role (it defines exit phrases) and review outputs for factual claims before acting on them. If you need stricter privacy, permit only company-level public sources (press releases, filings) and disallow personal social-media scraping.

Purpose & Capability: okName/description describe a BD/partnership negotiator persona; the SKILL.md contains only role rules, negotiation models, heuristics and an agentic workflow — nothing requires extra system access, credentials, or unrelated capabilities.
Instruction Scope: noteMost instructions are in-scope (negotiation models, scripts, and reply rules). One notable clause: the Agentic Protocol Step 2 says '研究（必须使用工具）' and lists researching the counterparty and key decision‑makers. That mandates external research and background-check style data collection without specifying limits, so it could lead the agent to pull personal/public information about individuals or perform broad web scraping. Functionally this is consistent with a BD persona, but it is a vague instruction that could raise privacy or scope concerns depending on what search/browsing tools the agent has access to.
Install Mechanism: okInstruction-only skill with no install spec, no downloads, and no code files — minimal file/system footprint and lower install risk.
Credentials: okNo required environment variables, binaries, or credential requests are declared. The skill does not ask for unrelated secrets or config paths.
Persistence & Privilege: okFlags show standard defaults (always:false, user-invocable:true, model invocation allowed). The skill does not request permanent presence or privileged system modifications.