Skillv1.0.0

ClawScan security

agent-organizer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 29, 2026, 11:44 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's instructions, requirements, and behavior are internally consistent with an agent-organizer role; it is an instruction-only skill that asks the agent to query other agent components and does not request credentials or install software, though its source is unknown and some instructions are high-level/vague.
Guidance: This instruction-only skill appears coherent for organizing and orchestrating agents, but the publisher/source is unknown. Before installing, verify: (1) what platform data it will be allowed to read (agent performance logs, billing/cost data, workload state), (2) whether it will be allowed to act autonomously on other agents or modify workflows, and (3) whether you can run it in a limited/sandboxed context first. If you need stronger assurances, ask the publisher for a source/homepage or a concrete integration specification that enumerates which agent/context APIs it will call and what data it requires.

Purpose & Capability: okName and description match the instructions: the skill focuses on task decomposition, agent selection, orchestration, and monitoring. It does not request unrelated binaries, credentials, or config paths.
Instruction Scope: noteSKILL.md directs the agent to query a context manager and review agent capabilities, performance history, workloads, and cost/tracking data. Those actions are coherent for an organizer but are described at a high level and presuppose access to other agents' state/telemetry. The instructions do not ask to read local files, environment secrets, or send data to external endpoints, but their openness grants broad operational discretion.
Install Mechanism: okNo install spec and no code files — instruction-only skill; nothing is written to disk and no third-party packages are pulled in.
Credentials: noteThe skill declares no required environment variables or credentials, which is proportional. However, it implicitly needs access to agent metadata, performance logs, and possibly cost/usage data that are not explicitly declared; confirm what data the platform will expose to this skill before use.
Persistence & Privilege: okalways is false and there is no install script or claims to modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not flagged on its own.