Skill v1.0.0
ClawScan security
autonomous-agent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 29, 2026, 1:55 PM)
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is an instruction-only autonomous-agent prompt that is internally consistent with its stated purpose but is very high-level and grants broad discretion to the agent, so you should apply operational guardrails before using it.
- Guidance: This skill is essentially a high-level autonomous-agent prompt; it's coherent with its description and doesn't request secrets or installs. However, it intentionally grants the agent wide latitude (selecting tools, executing steps, learning from outcomes). Before installing or invoking it: (1) verify the skill's provenance and whether you trust the owner; (2) run it in a sandbox or test environment first; (3) restrict which other skills/tools and credentials the agent can access (least privilege); (4) require human approval for high-risk actions and instrument auditing/logging; (5) ask the publisher for explicit constraints (allowed tools, where logs are stored, persistence behavior) if you need stronger assurances. Additional information that would raise confidence: source code or provenance, explicit guardrails/allowed-tool list, examples of safe failure modes, and where experience logs are persisted.
Review Dimensions
- Purpose & Capability (ok): The name and description (Tier 3 autonomous agent) match the SKILL.md: the file defines goal-directed planning, adaptive learning, self-correction, and autonomous decision-making. There are no unrelated environment variables, binaries, or install steps requested.
- Instruction Scope (note): Instructions are high-level and intentionally grant broad autonomy (tool/library selection, execution, retries, optimizations). The SKILL.md does not reference system files, credentials, or external endpoints, but it also does not enumerate constraints, allowed tools, or where 'experience logs' are stored, leaving substantial operational discretion to the agent.
- Install Mechanism (ok): No install spec and no code files; the skill is instruction-only. This minimizes installation risk because nothing is written to disk or downloaded by the skill itself.
- Credentials (ok): The skill declares no required environment variables, credentials, or config paths. There is no apparent need for secrets or system access based on the content provided.
- Persistence & Privilege (note): always is false (normal). The skill enables autonomous behavior by design (which is platform-default), but because it grants broad decision-making authority, it could exercise other platform capabilities or other installed skills, so combine it only with appropriate guardrails and restricted tool/credential access.
