Skill v1.8.0
ClawScan security
Esfp Coach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 17, 2026, 10:42 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions are plausible for an ESFP coaching assistant, but multiple metadata and documentation mismatches (INTP content in README, clawhub.json, and reference files) plus unclear persistence behavior make the package internally inconsistent and worth closer review before installing.
- Guidance: Key points to check before installing:
  - Metadata/document mismatch: ask the author why README, clawhub.json, and some reference files reference INTP rather than ESFP — this could be copy-paste error but could also mean the package contents are for a different skill.
  - Persistence: SKILL.md says it will 'save user archives' and 'record key insights' but the package declares no config paths, storage mechanism, or external endpoints. Confirm where conversation data will be stored, who can access it, and whether sensitive personal information will be retained.
  - Origin and provenance: source/homepage unknown. Prefer skills with a clear repository, author contact, or homepage. Ask for a link to the canonical repo or verification of the package contents.
  - Test in a limited environment: if you still want to try it, run it in a controlled/testing agent account and monitor whether it writes data to unexpected locations or attempts network access.

  If the author can explain the INTP references as harmless copy-paste and provide explicit details about where/how user data are stored (and assurances about privacy), the inconsistencies would be resolved and the skill would be more acceptable. Otherwise, treat it as untrusted.
Review Dimensions
- Purpose & Capability (concern): The declared purpose is an ESFP coaching assistant, but several included files and metadata reference INTP (README.md is for INTP Coach; clawhub.json keywords/tags and repository fields mention INTP/intp-coach). Files and paths (references/intp-insights.md) are for a different personality type. This mismatch could be benign (copy-paste) but is an incoherence that should be explained by the author.
- Instruction Scope (note): SKILL.md contains clear runtime instructions for two modes (coach/advisor), user-handling rules, and repeatedly says it will 'record' and 'save' user archives for later review. However the skill declares no persistence/config paths or how/where data is stored. The instructions do not request unrelated system files or credentials and don't contain network endpoints, but the unspecified storage behavior is ambiguous and should be clarified.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files executed at install time. That lowers risk — nothing is downloaded or written by an installer.
- Credentials (note): The skill requests no environment variables, binaries, or credentials (appropriate). But it instructs to persist user profiles and conversation logs without declaring any config paths or required platform storage access; the lack of declared storage access is a gap to confirm (where will data be saved and who can read it?).
- Persistence & Privilege (note): always:false and model invocation allowed are normal. The skill intends to save 'user archives' between sessions, which implies persistent storage use, yet it does not declare how that will be done. Ask the maintainer how and where data are persisted and whether the skill will modify agent storage or external services.
