Skill v1.0.0

ClawScan security

Agent Guardrails · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign, Mar 1, 2026, 3:35 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The files, runtime instructions, and declared purpose are internally consistent: the repo provides shell scripts and templates to install git hooks, secret scanning, deployment checks, and a feedback loop as described — but you should inspect hooks/auto-commit behavior and test in a throwaway repo before installing.
Guidance
This skill appears to do what it claims: install git hooks, secret scanners, deployment checks, and a feedback loop to surface enforcement improvements. Before installing:
1) Inspect scripts (install.sh, pre/post-create hooks, check-secrets.sh, install-skill-feedback-loop.sh, and any post-commit/auto-commit scripts) to understand what they modify and when they run.
2) Test installation in an isolated or disposable repository first (not in production) so you can safely observe hooks running on commits.
3) Pay attention to the feedback loop: it creates task files and includes semi-automatic commit helpers. Ensure those require explicit confirmation and will not push changes without your approval.
4) If you won't use publishing helpers, avoid running PUBLISH_NOW.sh (it assumes a Clawdhub CLI and a hardcoded path).
5) Back up your repo or ensure you can revert hooks (.git/hooks) before enabling; consider manually installing hooks or adding an extra manual gate to auto-commit scripts.
6) If you have sensitive credentials, verify the scripts do not transmit them externally (they appear local, but any script that interacts with CLIs or remote services will run under your credentials).

Review Dimensions

Purpose & Capability
ok: The name/description (git hooks, secret detection, deployment verification, import registries) match the included artifacts: install.sh, pre-/post-create validators, check-secrets.sh, registry templates, deployment-check scaffolding, and a feedback loop. There are no requested environment variables or unrelated binaries that would be surprising for this purpose.
Instruction Scope
note: SKILL.md instructs the user to copy and run the provided scripts and to install git hooks into projects. That is consistent with the purpose. The skill also documents a feedback loop (post-commit detection + semi-automatic commit) and includes helper scripts (e.g., PUBLISH_NOW.sh) that call external CLIs; these can modify repository state and produce tasks. Inspect the feedback-loop and publish scripts before enabling them.
Install Mechanism
ok: This is instruction-only in the registry (no automatic installer). The code files are plain shell and Python scripts that get copied into a project when you run install.sh. There are no high-risk network downloads or obscure install hosts in the provided artifacts. The publish helper expects the Clawdhub CLI and a local path but is optional.
Credentials
note: The skill declares no required environment variables, which aligns with its local, repo-centric operation. However, many scripts operate with the user's git identity and may invoke the Clawdhub CLI (which requires login/credentials) if you run the publish helper. The feedback-loop and auto-commit scripts will act with whatever git credentials are available; review and understand that implicit credential use before running.
Persistence & Privilege
note: The skill does not set always:true and is user-invocable. It installs git hooks and copies scripts into projects, thereby changing repo-local state (.git/hooks, .pending-skill-updates.txt, etc.). That is expected for a guardrails tool but is a persistent modification to the repository and will run on lifecycle events (commits) until removed; review hooks and auto-commit behavior before enabling.