Skill v1.0.0

ClawScan security

feyman-coach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 4, 2026, 8:35 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions are consistent with a note-based Feynman-style study coach: it reads markdown notes, generates review tasks, and writes review/history files — nothing in the bundle attempts unexpected network exfiltration or asks for unrelated credentials.
Guidance
This skill appears to do what it says: it scans your markdown notes, generates Feynman-style questions, and writes review files. Before installing or scheduling it: 1) set vault_path to the exact folder that contains only the notes you want scanned (do not run it from your home or repo root), 2) review the script (scripts/daily_review.py) yourself to confirm it writes only to Z_Utils/feynman-coach/, 3) if you use the GitHub Actions example, verify the workflow and repository permissions (automatic git push could publish sensitive notes), and 4) be aware that integrations mentioned (Anki/Notion/sync commands) are referenced but not implemented in the shipped script — those would require explicit credentials and additional code if you enable them. If you want extra assurance, run the script in --dry-run or --list mode in a test vault first.

Review Dimensions

Purpose & Capability
ok
The skill claims to help users review notes using the Feynman method and the provided script and docs implement exactly that: scanning markdown files, generating questions, creating daily review files and history. Required resources (filesystem access to a notes vault) match the stated purpose. Minor mismatch: SKILL.md/README mention integrations/commands (sync-notion, export-anki, opencode commands) that are referenced but not fully implemented in the included script—this is an implementation incompleteness, not a security mismatch.
Instruction Scope
note
Instructions and the script read all .md files under a vault_path (default '.'), extract titles, generate tasks, and write outputs to Z_Utils/feynman-coach/*; they also recommend creating scheduled tasks or GitHub Actions. This behavior is consistent with the feature set. Important user-facing consideration: scanning all markdown files can surface sensitive notes if the script is executed from a directory that contains private data — the docs rely on the user to set vault_path or run the script from the correct location.
Install Mechanism
ok
No install spec; the package is instruction-only with a pure-Python script. README suggests optional pip installs (tomli, win10toast) which are reasonable. No downloads from untrusted URLs or archive extraction are present.
Credentials
ok
The skill requests no environment variables or credentials. It accesses local config (.opencode/config.toml) and the filesystem (markdown files) which is proportional to its purpose. There are example commands referencing external integrations (Anki/Notion/GitHub Actions) — those would require credentials if used, but the skill does not itself request any secrets.
Persistence & Privilege
note
The skill is not always-enabled and does not request special platform privileges. It writes files to Z_Utils/feynman-coach/daily-reviews and history — expected for saving review state. The GitHub Actions example includes a push step which, if enabled by the user, could commit notes/history back to a remote repository; that is a user-managed configuration and should be validated before use.