Skill v1.0.0
ClawScan security
Caring · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 10:03 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only
- Guidance: This skill is instruction-only and internally consistent with its purpose: it asks the agent to run a structured, candid quality review and produce a fixed-format response. There is no code, no network endpoint, and it requests no secrets. Before installing, consider: (1) how you plan to use it — don't send highly sensitive secrets or private PII as the 'deliverable' to be reviewed; (2) the skill's tone is explicitly blunt (it instructs the agent not to soften criticism), so expect direct feedback; (3) review the example outputs to ensure the format and bluntness fit your workflow; (4) if you prefer manual control, turn off autonomous invocation so the skill runs only when you call it. Overall this skill appears coherent and proportionate to its stated purpose.
Review Dimensions
- Purpose & Capability (ok): Name and description (a structured quality review called 'Caring') match the contents of SKILL.md and the included examples. The skill requests no binaries, env vars, or config paths — which is appropriate for a purely instructional review tool.
- Instruction Scope (ok): SKILL.md defines a clear, narrow runtime behavior: apply six specific review checks and produce a fixed markdown-style report. It does not instruct the agent to read system files, access environment variables, call external endpoints, or exfiltrate data. The scope is limited to analyzing the user-provided deliverable.
- Install Mechanism (ok): No install specification and no code files beyond markdown examples — the skill is instruction-only. That is the lowest-risk install model (nothing written to disk or downloaded by the skill).
- Credentials (ok): The skill declares no required environment variables, no credentials, and no config paths. There are no requests for secrets or unrelated service tokens, which is proportionate to its stated purpose.
- Persistence & Privilege (note): Flags are defaults: always:false, user-invocable:true, disable-model-invocation:false. Allowing the agent to invoke the skill autonomously is the platform default; this is not itself a red flag. If you want manual control, you can disable autonomous invocation in the agent settings.
