Skill v2.20.0
ClawScan security
Superpower with Files · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 7:37 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code and runtime instructions are consistent with its stated purpose (a local, file-backed planning + TDD workflow); it reads/writes local project files and some IDE session storage but does not request external credentials or perform unexpected network installs.
- Guidance
- This skill is internally consistent for a local, file-based planning and TDD workflow, but it will read and write files in your project (creating a .superpower-with-files directory by default) and can scan local IDE session stores (e.g. ~/.claude) and git history to recover context. Before installing: (1) review session-catchup.py and the hook scripts to confirm you are comfortable with the skill reading your local conversation/session files; (2) run it in a test or non-sensitive repository first; (3) remove or sandbox any IDE session folders you don't want the skill to access (or set environment variables the scripts use to point to a safe location); and (4) if you have highly sensitive session data, avoid granting the skill access or disable autonomous invocation in your agent until you've audited behavior.
Review Dimensions
- Purpose & Capability
- ok: Name/description promise a local, file-backed planning + TDD workflow. The repo contains templates, scripts, and skill manifests that create and manage task_plan.md, findings.md, progress.md and provide helper hooks — all expected for that purpose. No required env vars or external services are declared, which matches a local workflow.
- Instruction Scope
- note: Runtime instructions and hooks routinely read and write project files and call git/powershell/python utilities. session-catchup.py attempts to read local IDE session stores (e.g. ~/.claude, OpenCode locations) to recover conversation history; hooks also read task_plan.md before tool use. This behavior is coherent with 'persistent memory' recovery, but it means the skill will ingest local session data and git history into agent context — a sensitive but expected action for this skill.
- Install Mechanism
- ok: There is no install spec (instruction-only skill with shipped scripts). No remote downloads, package installs, or extract-from-URL actions are present in the provided files. Files will be copied into the agent's skill folder on install, which is standard for skills of this type.
- Credentials
- ok: The skill does not require secrets or service credentials. It references environment variables (e.g. OPENCODE_DATA_DIR, CLAUDE_PLUGIN_ROOT) to locate IDE-specific storage but does not declare required credentials. This is proportionate to its goal of locating local IDE session storage and plugin templates.
- Persistence & Privilege
- ok: The skill is not marked always:true. It contains skill hooks (PreToolUse/PostToolUse/Stop) and can be invoked autonomously by default (platform standard). It does not attempt to modify other skills' configs or request system-wide privileges beyond reading/writing project files and reading IDE session storage.
