Back to skill
Skillv1.0.0
ClawScan security
Article Rewriter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 3:29 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with its stated purpose: it's an instruction-only article-rewriting assistant with no installs, no credentials, and no unexpected behaviors in the provided files.
- Guidance
- This is an instruction-only article-rewriting skill that requires no installs or credentials and behaves as described. Before using: (1) Avoid submitting highly sensitive or private data—while the skill itself has no exfiltration hooks, outputs should be treated like any LLM result and verified; (2) Review rewrites for factual accuracy (the skill forbids fabrication but LLMs can still hallucinate); (3) Note the agent may invoke the skill autonomously by default (normal), so if you prefer explicit control check your agent's autonomy settings; (4) If you need privacy guarantees or retention policies, confirm those at the agent/platform level since the skill bundle contains no policy statements.
Review Dimensions
- Purpose & Capability
- okName/description match the content of SKILL.md and the included APAG playbook. The skill does not request unrelated binaries, env vars, or config paths.
- Instruction Scope
- okRuntime instructions are focused on rewriting tasks (structure, hooks, CTAs) and include guardrails (don't fabricate facts). They ask the agent to request source text when missing and to consult the included reference file; they do not read or transmit unrelated system files or external endpoints.
- Install Mechanism
- okNo install spec or code files — instruction-only. Nothing will be downloaded or written to disk by the skill itself.
- Credentials
- okNo environment variables, credentials, or config paths are required. Requested access is proportional to the stated purpose.
- Persistence & Privilege
- okalways is false and the skill does not request system-wide modifications. disable-model-invocation is false (default) which allows autonomous invocation but is normal and not combined with other red flags.