Back to skill
Skillv1.5.1
ClawScan security
Copyku · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 18, 2026, 3:05 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- An instruction-only Indonesian copywriting skill whose declared requirements and runtime instructions match its stated purpose and do not request unexpected system access or credentials.
- Guidance
- This skill is instruction-only and appears coherent with its stated purpose. Before installing: (1) verify the author's reputation (author handle and ClawHub link are provided) if you need provenance; (2) avoid sending sensitive PII or secret product data into prompts (the skill will process whatever you give it); (3) test on non-sensitive examples to confirm outputs and guardrails work as expected; and (4) remember that while the skill itself does not request credentials or perform network I/O, the agent running it will still use models to generate text—review generated copy for accuracy and compliance with legal/marketing constraints.
Review Dimensions
- Purpose & Capability
- okName/description (AI copywriting in Indonesian) align with the included README and SKILL.md which only describe copy generation modes, templates, and tone options; no unrelated credentials, binaries, or config paths are requested.
- Instruction Scope
- okSKILL.md contains only prompts, templates, and interaction modes for generating copy; it does not instruct the agent to read local files, access environment vars, or transmit data to external endpoints beyond normal model use.
- Install Mechanism
- okNo install spec or code files are present; this is instruction-only so nothing is downloaded or written to disk by the skill itself.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths—appropriate for a prompt/template-driven copywriting assistant.
- Persistence & Privilege
- okSkill is not marked always:true and makes no requests to modify other skills or system settings; default autonomous invocation is allowed by platform but is not an unusual privilege here.