Skill v1.0.16
ClawScan security
Tun Zei · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 8:21 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions are consistent with its stated purpose (simple diagnostics, simulated cleanup, and health checks); it does not request credentials, install external software, or perform unexpected I/O or network calls.
- Guidance
- This skill appears coherent and low-risk, but review a few practical points before installing: 1) SKILL.md cites integration with other skills — check those other skills' permissions and credentials (they could expand what happens at runtime). 2) The cleanup implementation only simulates file removal (it lists and counts old files but does not delete them); if you expect destructive cleanup, confirm and audit any changes. 3) Run it in a sandboxed environment or with limited filesystem permissions first to confirm behavior. 4) If you plan to let the agent invoke this autonomously, ensure the agent's scope of action (especially cross-skill calls) is acceptable.
Review Dimensions
- Purpose & Capability
- ok: The name/description claim automatic error fixing, cleanup, and health checks. The provided JS contains lightweight implementations of those features (string-based error hints, simulated cleanup using the TEMP directory, and local health checks using the os module). No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope
- note: SKILL.md documents the same three capabilities and also lists other skills it can 'call' (healthcheck, video-frames, douyin-video-publish, self-improving, etc.). The JS file does not perform cross-skill calls itself. The cross-skill references are a logical integration note, not an active instruction to exfiltrate data, but you should be aware that runtime integration with other skills could broaden behavior depending on those skills' permissions.
- Install Mechanism
- ok: No install spec is provided (instruction-only). A single small JS file is included but there is no automated download or extraction from remote URLs. This is low installation risk.
- Credentials
- ok: The skill requests no environment variables or credentials. It reads process.env.TEMP if present (reasonable for cleanup). There are no requests for secrets, cloud credentials, or unrelated config paths.
- Persistence & Privilege
- ok: The skill is not marked always:true and does not modify other skills or agent-wide settings. It does not persist credentials or install background services.
