Skill v1.0.0
ClawScan security
Comprehensive Tech Documentation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 1:28 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only documentation skill whose declared purpose and runtime instructions align (no installs, no credentials); it appears coherent and appropriate for generating project docs, though a detected unicode-control-chars pattern is worth reviewing.
- Guidance
- This skill is internally coherent for producing layered technical docs and is low-risk because it requires no installs or credentials. Before installing or running it: 1) Inspect SKILL.md and other files for hidden/unexpected characters (remove unicode control characters). 2) Run the skill on a copy of the repository or limited directory (avoid exposing .env, secret keys, or credential files). 3) If your repo contains secrets, restrict the agent so it doesn't read sensitive paths or require explicit user approval before reading files. 4) Prefer manual invocation and review outputs for accidental inclusion of secrets before sharing externally. If you want extra safety, disable autonomous invocation for this skill or sandbox it in a throwaway environment.
- Findings
[unicode-control-chars] unexpected: Scanner found unicode control characters in SKILL.md. There is no legitimate need for hidden control characters in a documentation template; they can be used in prompt-injection or obfuscation. This is a low-confidence flag (could be harmless formatting or an artifact of extraction) but should be inspected and removed if unnecessary.
Review Dimensions
- Purpose & Capability
- ok: Name/description match the contents: the skill is an instruction-only doc-generation workflow and asks the agent to read project files and produce layered documentation. It does not request unrelated binaries, credentials, or external services, so required capabilities are proportionate to the stated purpose.
- Instruction Scope
- note: SKILL.md explicitly instructs the agent to read core project files (SKILL.md, README, main config, implementation files) and to extract architecture/data flow. That is necessary for producing accurate docs, but it also means the agent will access arbitrary repository files — potentially including secrets — if present. The instructions are concrete (templates, diagrams required) and not overly open-ended, but the 'MUST READ' list should be limited by the user to avoid accidental disclosure of sensitive files.
- Install Mechanism
- ok: No install spec and no code files that would be executed. As an instruction-only skill, nothing is downloaded or written to disk by an installer, minimizing install-related risk.
- Credentials
- ok: The skill declares no required environment variables, no credentials, and no config paths. This is proportionate for a documentation-writing skill.
- Persistence & Privilege
- ok: always:false and user-invocable:true (defaults). The skill does not request permanent/always-on presence or to modify other skills. Autonomous invocation is allowed by platform default but not set here as forced.
