Back to skill
Skillv1.1.0
ClawScan security
Demo Script · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 12, 2026, 4:12 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only demo-script authoring helper whose declared files and runtime instructions align with its stated purpose and request no extra permissions or installs.
- Guidance
- This skill appears coherent and low-risk: it only contains templates and writing guidance for demo scripts and requests no credentials or installs. Before installing, verify the publisher if you need provenance, and avoid sending any sensitive credentials or proprietary data into prompts. If you plan to let the agent invoke skills autonomously, note that this is platform default behavior—because this skill has no credential or network requirements, the blast radius is small. If you see later prompts asking for files, API keys, or to run commands, treat that as unexpected and decline.
Review Dimensions
- Purpose & Capability
- okName and description match the included SKILL.md and reference templates. All files are content (templates, checklists, objection handlers) clearly relevant to producing demo scripts; nothing requires cloud credentials, system access, or unrelated capabilities.
- Instruction Scope
- okSKILL.md and the referenced files only provide writing templates, sample language, and checklists. There are no commands, file reads, network calls, or instructions to gather system or credential data—no scope creep detected.
- Install Mechanism
- okNo install spec and no code files—this is instruction-only. That is the lowest-risk install model and is proportionate for a content/template skill.
- Credentials
- okThe skill declares no required environment variables, binaries, or config paths. It does not ask for tokens, secrets, or credentials; the requested surface is minimal and appropriate for the stated purpose.
- Persistence & Privilege
- okFlags show always:false and user-invocable:true. The skill does not request persistent or cross-skill configuration changes. Autonomous invocation is allowed by platform default but the skill itself does not request elevated persistence or privileges.