Back to skill
Skillv1.0.0
ClawScan security
java-enterprise · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 2:51 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This is an instruction-only Java enterprise development skill with coherent Spring/JVM guidance and no evidenced tool, credential, install, persistence, or data-access behavior.
- Guidance
- This skill appears safe to install as a Java enterprise guidance aid. As with any code-generation skill, review generated code before using it in production, especially security, logging, database mutation, and JVM diagnostic settings.
Review Dimensions
- Purpose & Capability
- okThe artifacts describe Java, Spring Boot, microservices, JPA, reactive programming, security, and JVM optimization guidance consistent with the declared purpose.
- Instruction Scope
- okThe skill provides expert guidance and code examples; there are no instructions to override user intent, force tool use, or perform autonomous high-impact actions.
- Install Mechanism
- okNo install specification, binaries, package dependencies, helper scripts, or code execution requirements are present.
- Credentials
- okThe metadata declares no required environment variables, credentials, config paths, or OS-specific access, which is proportionate for an instruction-only development skill.
- Persistence & Privilege
- okThe artifacts do not request persistent background operation, elevated privileges, local indexing, credential stores, or durable agent memory.