Skillv1.0.1

ClawScan security

Session Log · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 20, 2026, 8:48 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill does what it says — lightweight local session logging using a small helper script and shell append instructions; nothing in the files or instructions requests unrelated credentials, network access, or unusual system privileges.
Guidance: This skill is straightforward and appears safe: review the small script (it is included) and run it with a directory you control (e.g., a workspace/sessions folder). Note the script uses CST (UTC+8) for timestamps — change if you need local time. Do not point --dir at sensitive system directories. Because it writes files where you tell it to, ensure appropriate filesystem permissions and avoid exposing the sessions folder to external services if those logs contain sensitive conversation content.

Purpose & Capability: okName/description match the provided artifacts: an instruction-only skill plus a small Python helper to create timestamped session files. Required resources are local filesystem paths which are appropriate for a logging utility.
Instruction Scope: okSKILL.md only instructs creating files in user-specified sessions directories, appending one-line summaries, and globs for daily reports. It does not instruct reading unrelated files, accessing environment variables, or sending data to external endpoints.
Install Mechanism: okNo install spec; the skill is instruction-only with a tiny script. No downloads, package installs, or archive extraction are present.
Credentials: okThe skill requests no environment variables, credentials, or config paths. The helper script only needs a user-supplied --dir path and uses local time; this is proportional to its purpose.
Persistence & Privilege: okThe skill is not force-included (always:false) and does not attempt to modify other skills or global agent config. It writes files only to the directory the user supplies.