Skill v1.0.3

ClawScan security

Refines ambiguous or high-risk user requests before execution. Trigger when the request is underspecified, likely to benefit from clearer constraints or verification, or when the user explicitly asks to refine, improve, optimize, refactor, or compare approaches. Skip clear single-step instructions and already-well-scoped tasks. · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 14, 2026, 9:12 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, required resources, and behavior are consistent with its stated purpose (refining ambiguous or high-risk prompts) and it does not request disproportionate privileges or credentials.
Guidance
This skill appears coherent and low-risk, but double-check two operational details before enabling it broadly: (1) confirm how 'session context' is scoped and whether that context can include sensitive or confidential user data — ensure the platform prevents inadvertent exposure to other subsystems or logs; (2) verify that the 'minimal preference event' sent to self-improving-session is truly a small label (choose_refined / choose_original, etc.) and never contains the full prompt or other identifying data. Also confirm the platform tooling used for confirmations (AskUserQuestion fallback) behaves as expected for your privacy/compliance requirements.

Review Dimensions

Purpose & Capability
ok: The name/description match the runtime instructions and reference materials. It only needs to read the user's request and session context to decide whether to refine — which is coherent for a prompt-refinement skill. No unrelated binaries, env vars, or install steps are requested.
Instruction Scope
note: Instructions require reading the original request and current session context (expected for this task). The skill also asks to record minimal preference events for later summarization by a separate 'self-improving-session' skill; this is reasonable but worth auditing to ensure no full prompts or sensitive content are stored or leaked.
Install Mechanism
ok: Instruction-only skill with no install spec, no downloads, and no bundled code — lowest-risk installation profile.
Credentials
ok: No environment variables, credentials, or config paths are requested. Requested access (session context and the immediate user request) is proportional to the skill's purpose.
Persistence & Privilege
ok: always:false and default model invocation are appropriate. The skill does ask to emit small preference events for later summarization, but it explicitly warns not to store full refined prompts; this is consistent with limited persistence and limited privilege.