Skill v1.0.0
ClawScan security
backend-developer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 1:55 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only 'senior backend developer' skill whose instructions and requirements are coherent with its stated purpose, but it explicitly asks agents to gather broad system context (which may include sensitive information), so you should control what context and secrets it is given.
- Guidance: This skill appears coherent and low-risk in itself because it is instruction-only and asks for no installs or declared credentials. However, it explicitly instructs the agent to gather comprehensive system context (API architecture, DB schemas, auth flows), which can include sensitive data. Before installing or invoking: (1) limit the agent's access to only the specific, minimal context it needs (provide sanitized/read-only schemas or architecture diagrams rather than credentials), (2) avoid pasting secrets (DB passwords, API keys) into prompts, (3) consider running the agent in a sandboxed environment or with human-in-the-loop checks for any actions that touch production systems, and (4) verify any code or configuration changes produced by the agent before deploying to production.
Review Dimensions
- Purpose & Capability (ok): The name/description (senior backend engineer) matches the SKILL.md content: architecture analysis, API design, DB schemas, security, testing, and production-readiness. There are no unrelated env vars, binaries, or installs requested.
- Instruction Scope (note): The runtime instructions require the agent to 'Query context manager for existing API architecture and database schemas' and to 'acquire comprehensive system context' before implementing. That is reasonable for implementation work, but it can legitimately include sensitive artifacts (DB schemas, connection strings, auth flows). The SKILL.md does not instruct indiscriminate file or secret harvesting, but it leaves broad discretion to the agent to collect context.
- Install Mechanism (ok): No install spec and no code files; instruction-only. Low risk: nothing is written to disk and no external packages or downloads are required.
- Credentials (note): The skill declares no required environment variables or credentials. However, the tasks it describes (database migrations, OAuth2, third-party API integration, config validation) commonly require secrets/connection strings at runtime. Because those credentials are not declared, make sure you only supply minimal, scoped, and read-only context when invoking the agent.
- Persistence & Privilege (ok): always is false and there is no install behavior. The skill does not request persistent presence or modifications to other skills or system-wide settings.
