Skill v0.1.0
ClawScan security
bounded-researcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 3:19 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only, evidence-first researcher skill whose requirements and runtime instructions align with its stated purpose and request no extra privileges or installs.
- Guidance: This skill is a set of behavioral instructions (no code, no installs, no credentials) and appears coherent with its stated purpose. Before installing, consider: (1) enforcement — these are guidelines the agent will try to follow but your platform controls actual file and network access, so restrict the agent's runtime permissions if you want to prevent any file reads or external calls; (2) supervision — pair this skill with a coordinator/supervisor as intended to avoid scope creep; (3) testing — run it in a sandboxed environment first to confirm outputs and that it escalates rather than makes implementation changes. If you require strong enforcement of the “do not touch” rules, ensure your agent runtime policy limits file and network access accordingly.
Review Dimensions
- Purpose & Capability: ok. The name/description (bounded, evidence-first research) matches the SKILL.md workflow and outputs; nothing requested (no env vars, binaries, or installs) is out of scope for that purpose.
- Instruction Scope: ok. Instructions are narrowly scoped to triage/localize/validate/summarize tasks and explicitly limit scope (load minimal context, escalate when out-of-scope). They do not instruct broad file reads, external endpoints, or credential access.
- Install Mechanism: ok. No install spec or code files are included; the skill is instruction-only so nothing is written to disk or downloaded during install.
- Credentials: ok. The skill declares no environment variables, credentials, or config paths; there are no disproportionate or unexplained secret requests.
- Persistence & Privilege: ok. always is false and autonomous invocation defaults are standard; the skill does not request permanent presence or to modify other skills or system-wide settings.
