SecurityClaw
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions); human review is required before treating this skill as clean.
This skill appears safe to install for local security review. Start with the read-only scan command, inspect report.json, and only quarantine after confirming the findings. Keep generated reports private unless you have checked them for secrets. ClawScan detected prompt-injection indicators (ignore-previous-instructions), so this skill requires review even though the model response was benign.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A false positive could temporarily disable an installed skill by moving its folder, although the artifact says this is quarantine rather than deletion.
When the user enables --quarantine, the script automatically moves any skill it rates high severity into the quarantine directory.
if args.quarantine and SEVERITY_ORDER.get(sev, 0) >= SEVERITY_ORDER["high"]:
moved_to = quarantine_skill(sp, quarantine_dir)Run the scanner in read-only mode first, review the report, and use --quarantine only when you are comfortable moving flagged skill folders.
Reports may contain snippets of untrusted skill text, prompt-injection examples, or sensitive-looking strings from scanned files.
Findings include excerpts from scanned files, and those excerpts are written into the JSON report.
excerpt=clamp_excerpt(line.strip())
Treat scan reports as untrusted local security artifacts; do not publish them without reviewing and redacting secrets.