Back to skill
Skillv1.0.0
ClawScan security
architect-reviewer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 29, 2026, 12:49 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's declared purpose (architecture review) matches its instructions and it requests no credentials, installs, or unusual system access.
- Guidance
- This skill is instruction-only and internally consistent with its stated goal. Before installing, confirm you trust the skill publisher (source is unknown), and ensure your agent's context manager and any documents you provide are scoped appropriately — the skill will operate on whatever architecture artifacts you feed it. Because it can be invoked autonomously by the agent, consider limiting its access to sensitive architectures or production-only documents until you are confident in its recommendations.
Review Dimensions
- Purpose & Capability
- okName/description align with the SKILL.md checklist and runtime steps: it instructs the agent to review designs, diagrams, trade-offs, scalability, security, and provide recommendations — all coherent with an 'architecture reviewer'.
- Instruction Scope
- okRuntime instructions are limited to querying the agent's context manager for system architecture and then analyzing documents, diagrams, and design decisions. There are no directives to read arbitrary files, access environment variables, or call external endpoints beyond the agent's normal context.
- Install Mechanism
- okNo install spec and no code files — this is instruction-only, so nothing is written to disk or fetched at install time.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. The lack of requested secrets is proportionate to the skill's stated purpose.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system-wide changes. It does not modify other skills' configs or request elevated privileges.