Skill v0.2.1

ClawScan security

Skill Distiller (Compressed) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 15, 2026, 9:23 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
Instruction-only skill whose requirements and behavior are generally consistent with a 'skill compressor', but it writes files to the local workspace and references optional model providers/keys without declaring them.
Guidance
This skill is an instruction-only 'compressor' and is generally coherent with its stated purpose. Before installing: (1) be aware it writes files to the agent workspace (SKILL.compressed.md and .learnings/skill-distiller/calibration.jsonl) — ensure you’re comfortable with that path and its permissions; (2) if you plan to use an external model backend (ollama, Gemini, OpenAI), the skill's docs mention related env vars/servers but don’t declare them formally — only provide API keys if you trust the environment and limit their scope; (3) run a dry-run first (the skill documents a --dry-run option) to confirm outputs and that no unexpected files are created; (4) if you need higher assurance, request the full SKILL.reference.md linked in the metadata and/or inspect the agent's workspace after a test run. Overall the skill appears coherent and fit-for-purpose, with the main considerations being file writes and optional model-key usage.

Review Dimensions

Purpose & Capability
ok
The name/description match the content: the SKILL.md describes how to compress skills, protect key patterns, score importance, and produce compressed outputs. No unrelated binaries, credentials, or install steps are requested, so the declared purpose aligns with what the skill asks the agent to do.
Instruction Scope
note
Instructions stay focused on parsing and compressing skill markdown and include expected workflows (section classification, scoring, output format). The SKILL.md instructs the agent to write outputs (SKILL.compressed.md) and append calibration data to .learnings/skill-distiller/calibration.jsonl — this is reasonable for a distiller but means the skill will write to the agent workspace. It also references provider fallback and error hints (e.g., 'set GEMINI_API_KEY' or 'ollama serve'), which implies optional use of external model backends even though the skill otherwise claims 'No external APIs.'
Install Mechanism
ok
No install spec and no code files are present (instruction-only), so there is no download or arbitrary code execution risk from installation. This is the lowest-risk install model.
Credentials
note
Declared requirements list no environment variables or credentials, which is proportionate for an instruction-only compressor. However, the SKILL.md mentions provider options (ollama, gemini, openai) and references GEMINI_API_KEY and running 'ollama serve' in error handling; those are optional but not declared. If you run the skill configured to use an external provider, that provider may require API keys — consider whether you want the skill to have access to those secrets.
Persistence & Privilege
ok
The skill does not request persistent platform privileges (always:false). It will write its outputs and calibration entries to the agent workspace (.learnings and SKILL.compressed.md), which is normal for this utility. disable-model-invocation:true reduces autonomous invocation risk.