ClawHub
Back to skill
v1.0.0

Drivers’ Hours & WTD Infringement Coach (UK)

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 4:51 AM.

Analysis

This instruction-only skill is coherent and technically low-risk, but it handles employee compliance records and can draft escalation-related notes that should be human-reviewed.

GuidanceBefore installing or using this skill, confirm that the RAG rule matches your actual internal policy and that a responsible manager reviews any output before it is used with a driver or in a formal HR process. Provide the minimum necessary driver data and store generated files securely.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Cascading Failures
SeverityMediumConfidenceHighStatusNote
references/rag-escalation-rule.md
3 amber events OR 1 red event -> progress to discipline (per your internal process).

The RAG classification can feed into formal escalation or disciplinary consideration. This is disclosed and purpose-aligned, but incorrect inputs or unverified policy text could affect a driver-facing employment process.

User impactIf the facts or internal policy are wrong, the generated coaching note could contribute to an inappropriate escalation path.
RecommendationHave a manager or compliance owner verify the source records, RAG history, lookback window, and internal policy before using outputs in any formal process.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
- Driver identifier (name/ID) and role ... - Infringement list ... - Prior RAG history

The skill asks for identifiable driver and compliance-history information and summarizes it into generated notes. This is expected for the stated purpose, but it is sensitive employment data.

User impactDriver compliance details may be copied into generated notes and action plans that could be retained or shared as employment records.
RecommendationProvide only necessary extracts, avoid unnecessary personal details, and store or share generated files only in appropriate HR/compliance locations.