Skill v1.0.0

ClawScan security

Spec-First Development · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 3, 2026, 7:09 PM)
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requested actions (reading the codebase, generating SPEC.md, pausing for approval) match its stated goal and require no extra credentials or installs; it's internally coherent.
Guidance
This skill is instruction-only and coherent with its purpose: it will read your project files and write SPEC.md in the project root, then wait for your explicit approval before writing implementation code. Before enabling or running it, confirm: (1) the agent's file-sandbox is limited to the intended repository/workspace so it cannot read unrelated files or secrets; (2) you are comfortable granting the agent Read/Write/Bash capabilities in that workspace (Bash can run arbitrary commands, so sandboxing matters); (3) the auto-trigger rules (phrases like 'build me') won't cause unwanted invocations in your environment. Note the SKILL.md mentions running 'Grep' but only lists 'Glob' explicitly — this is likely benign (grep can be run via Bash) but you may ask the author to clarify allowed-tools or explicit shell usage if you need stricter controls.

Review Dimensions

Purpose & Capability
ok: Name and description match the instructions: the skill inspects a codebase, produces a SPEC.md, and waits for user approval before implementing. Required resources (none) and declared allowed-tools (Read, Write, Bash, Glob) are appropriate for a spec-generation workflow.
Instruction Scope
note: Instructions explicitly tell the agent to read the repository (glob/grep) and write SPEC.md to the project root, then pause for explicit user 'go' before any code creation. This is appropriate for the stated purpose. Minor inconsistency: SKILL.md refers to running 'Grep' but the allowed-tools list names 'Glob' (and 'Bash' is present so grep could be invoked via Bash). No instructions attempt to access unrelated system paths or external endpoints.
Install Mechanism
ok: No install spec and no code files; the skill is instruction-only. Nothing will be downloaded or written to disk beyond the SPEC.md it is explicitly instructed to create in the project workspace.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. Its filesystem access (reading project files, writing SPEC.md) is proportional to its purpose.
Persistence & Privilege
ok: 'always' is false and the skill is user-invocable. It does not request persistent or elevated platform privileges and does not modify other skills' configuration. Autonomous invocation is allowed by platform default but not a red flag here.