Back to skill
Skillv1.0.0
ClawScan security
System Continuity Check · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 15, 2026, 10:45 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only checklist skill for reviewing system continuity and restart/auto-recovery patterns; its requirements and instructions are consistent with its stated purpose and it does not request credentials or install code.
- Guidance
- This skill appears coherent and low-risk: it is a static checklist and gives design recommendations without requesting credentials or installing code. Before installing, consider: (1) the trigger keywords are broad — if you want to avoid accidental activations, restrict when it can run or make it user-invocable only; (2) the source/homepage is unknown — if provenance matters, prefer skills from known authors; (3) review the checklist text to ensure recommendations match your environment (Windows vs Linux service advice); and (4) because it can invoke autonomously by default, confirm you are comfortable with automatic activations in design conversations.
Review Dimensions
- Purpose & Capability
- okName, description, and included files (checklist_template.md, error_patterns.md, SKILL.md) all align: the skill provides a lightweight continuity checklist and guidance; it does not request unrelated binaries, env vars, or config access.
- Instruction Scope
- noteSKILL.md contains only checklist-driven diagnostic questions and short actionable suggestions; it does not instruct reading system files, accessing external endpoints, or exfiltrating data. Note: the trigger keywords are broad and the skill is intended to auto-activate when users discuss system design, so it may run frequently or in contexts where the user did not expect it.
- Install Mechanism
- okNo install specification and no code files — instruction-only. This minimizes disk writes and execution risk.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. The runtime instructions do not reference secrets or external services.
- Persistence & Privilege
- notealways is false (good). The skill allows normal autonomous invocation (disable-model-invocation: false), which is platform default — acceptable here but combined with broad trigger keywords it may lead to unwanted activations. It does not request persistent system-level changes or modify other skills.