Skillv1.0.1

ClawScan security

Bible Research · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 27, 2026, 10:29 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is internally consistent with its stated purpose as a Jehovah's Witness–style Bible research assistant: it needs no extra system access, credentials, or installs and its instructions align with the described behavior.
Guidance: This skill appears coherent and focused: it will perform web searches (preferring wol.jw.org/jw.org), quote the New World Translation, and follow the included JW doctrinal framework. Before installing, consider: (1) you will get answers from a clearly Jehovah's Witness doctrinal perspective — if you need neutral scholarship, ask for explicit non-JW comparisons; (2) test the skill with a few sample queries and verify any quoted scripture text and URLs against wol.jw.org (the skill's guardrails prohibit fabricating verses, but you should spot-check); (3) the skill will perform external web fetches — ensure your environment/policy allows that if you have network restrictions; (4) do not expect the skill to require or access any secrets or system files (it doesn't). If you want greater assurance, ask the developer to confirm which agent tools (web_search/web_fetch) will be used at runtime and to provide example outputs for a few queries so you can verify behavior.

Purpose & Capability: okThe name, description, and included reference files all match a JW-style Bible research tool. There are no requested environment variables, binaries, or config paths that are unrelated to this purpose.
Instruction Scope: noteSKILL.md directs the agent to use web_search/web_fetch patterns and to prioritize wol.jw.org/jw.org and the NWT; it also requires consulting the provided references/ files. That necessarily involves external web queries and returning URLs/quotes, which is expected for a research skill. The instructions do not ask the agent to read local system files, collect unrelated credentials, or send data to unknown endpoints.
Install Mechanism: okNo install spec and no code files — the skill is instruction-only. This is the lowest-risk model: nothing is downloaded or written to disk by the skill itself.
Credentials: okThe skill requests no environment variables, credentials, or config paths. Its external access is limited to web search/fetch operations described in the instructions, which are proportional to a research task.
Persistence & Privilege: okalways:false and user-invocable:true. disable-model-invocation is false (normal default), so the skill may be invoked autonomously by the agent per platform rules, but it does not request permanent presence or elevated privileges and does not modify other skills.