Back to skill
Skillv1.1.1
ClawScan security
gtm-strategy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 8, 2026, 3:07 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only go-to-market strategy advisor whose declared purpose, instructions, and requirements are internally consistent and do not ask for credentials, installs, or unrelated access.
- Guidance
- This skill is coherent and low-risk as delivered: it provides GTM strategy guidance with no installs or secret access. Before using, consider: (1) avoid pasting proprietary or sensitive customer data into prompts; (2) treat outputs as advisory (validate recommendations against your internal metrics and legal/compliance needs); (3) if the skill later requests credentials, installs, or external integrations, re-evaluate because that would be a significant change in scope.
Review Dimensions
- Purpose & Capability
- okName and description match the SKILL.md content: detailed GTM frameworks, modes, 90-day plan, ICP guidance, and scenario guidance. Nothing in the skill asks for unrelated resources (no binaries, env vars, or external services).
- Instruction Scope
- okSKILL.md contains only guidance for producing GTM strategy, checklists, and recommendations. It does not instruct the agent to read system files, access environment variables, call external endpoints, or collect unrelated user data.
- Install Mechanism
- okNo install spec and no code files — instruction-only. This minimizes disk writes and external code execution risk.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. The instructions do not reference secrets or other environment state.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. It does not request persistent or elevated platform privileges.