Skillv1.0.2

ClawScan security

TED Talk · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 25, 2026, 4:48 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This instruction-only skill is internally consistent with its stated purpose (turning conversation-derived insights into 40–50 minute TED-style talks), requests no installs or credentials, and stays within expected scope — but it synthesizes from the full conversation context, so avoid seeding sensitive data into the conversation before invoking it.
Guidance: This skill appears coherent and low-risk because it has no install steps and asks for no credentials. Before using it: (1) avoid including any secrets, passwords, or private data in the conversation context you ask the skill to synthesize (the skill will read the full conversation), and (2) check any concrete examples the skill generates for accuracy and privacy (it should not invent specifics, but validate outputs before sharing). If you need the talk to reference code or files, save/remove sensitive data first because the skill states it won't read project files automatically.

Purpose & Capability: okThe name/description (generate full TED-style talks from technical conversations) aligns with the instructions: the SKILL.md defines steps to synthesize conversation context into a narrative, lists no unrelated dependencies, and declares it does not read workspace files or require credentials.
Instruction Scope: noteRuntime instructions direct the agent to 'read full conversation context' and extract concrete details/decisions from that context. This is coherent for a talk-generation skill, but it means any sensitive information present in the conversation can be used in outputs. The skill explicitly states it will not read files or project artifacts, which matches the registry metadata.
Install Mechanism: okThere is no install spec and no code files—this is instruction-only, so nothing will be downloaded or written to disk. That minimizes filesystem and supply-chain risk.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. There is no request for unrelated secrets or cloud credentials, which is proportionate to the stated purpose.
Persistence & Privilege: okThe skill is not always-included and is user-invocable; it does not request elevated or persistent agent privileges. Autonomous invocation is enabled by default (normal), but combined with the lack of extra privileges this is expected and not concerning.