Skill v1.8.0

ClawScan security

Esfj Coach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Apr 17, 2026, 10:41 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill is a harmless-seeming ESFJ coaching guide, but its package contains inconsistent/mixed INTP materials, mismatched metadata, and unclear instructions about persisting user data — these incoherences warrant caution before installing.
Guidance
This skill appears to be a legitimate ESFJ coaching guide, but there are multiple internal inconsistencies you should resolve before installing or enabling it:
1) Documentation mismatch — README, keywords, and reference files include INTP material and paths (looks like copy-paste), and SKILL.md and registry versions differ. Ask the author to confirm the intended target (ESFJ vs INTP) and to clean up docs.
2) Persistence & privacy — the skill instructs the agent to 'save user archives' but declares no storage/configuration or consent flow; clarify where conversation logs and personal data will be stored, for how long, and who can access them.
3) Behavior expectations — confirm whether the skill will ever send data to external endpoints (none are declared in files) and ask for an explicit statement about logging/exporting.
4) Quality/safety — because the content is coaching (not medical/clinical), ensure it includes the stated boundary (not a substitute for professional help).
If you proceed, test in a safe environment, review what is actually stored in agent memory after a session, and prefer enabling only after the author fixes the documentation and documents data handling practices.

Review Dimensions

Purpose & Capability
concern: The declared purpose (ESFJ coaching) is plausible for an instruction-only skill that requires no credentials or installs. However the repository and reference files contain heavy INTP-focused content (README is for INTP Coach, references/intp-insights.md present, keywords in clawhub.json reference INTP), and the SKILL.md's metadata versions differ from registry metadata. This suggests careless copy-paste or mislabelling that could cause the skill to give inappropriate advice to ESFJ users.
Instruction Scope
concern: SKILL.md instructs the agent to 'record key insights' and 'save user archives' (成长记录/存档) for later sessions, but the skill declares no persistence mechanism, no config paths, and no consent/privacy controls. While recording to the agent's built-in memory could be intended, the instructions do not specify what gets stored, how long, or where — which is a privacy risk. Otherwise, the runtime instructions stay within coaching scope and do not request unrelated system access.
Install Mechanism
ok: There is no install spec and no code files to execute. Instruction-only skills carry the lowest install risk; nothing is downloaded or written by an installer.
Credentials
ok: The skill requests no environment variables, no external credentials, and no config paths — proportional to a conversational coaching skill. The mismatch is conceptual (it expects to save user archives but declares no storage settings), not credential overreach.
Persistence & Privilege
note: always:false and normal autonomous invocation are appropriate. The main concern is the skill's expectation to persist user data across sessions without declaring where or how. That creates a privacy/persistence question (how will archives be stored and protected?), but it does not by itself indicate elevated platform privileges.