Skillv1.0.0

ClawScan security

AI Orchestrator V5 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 29, 2026, 10:04 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's declared purpose (an orchestrator that routes tasks to specialist agents) matches its files and runtime instructions; it requests no credentials or installs and contains no obvious incoherent or excessive demands.
Guidance: This skill appears coherent and matches its stated role as a multi-agent orchestrator. Before installing, confirm two runtime details: (1) where 'auto-save' checkpoints and logs are stored (location, retention, and encryption), and (2) the privacy/isolation guarantees for specialist agents (do they forward data externally or persist it). If you plan to route sensitive data (PII, PHI, secrets, financial details), restrict autonomous invocation or review/limit which specialist agents can be used. If you need stronger assurance, ask the publisher for a clear data-flow and storage policy or for the exact runtime implementation used to perform persistence.

Review Dimensions

Purpose & Capability: okName, description, and the two included files (SKILL.md and a large agent catalog) are consistent: the skill is an instruction-only orchestrator that selects among many specialist agents. There are no unrelated required binaries, environment variables, or config paths.
Instruction Scope: noteSKILL.md is high-level and stays within orchestration responsibilities (routing, selection, coordination, QA checkpoints). It does not contain commands to read system files, request unrelated credentials, or call external endpoints. However the instructions are broad/vague about persistence and 'auto-save' behavior and don't specify where checkpoints are stored or what data is logged, which grants the agent implementation-level discretion that should be reviewed.
Install Mechanism: okNo install spec or code files are present; the skill is instruction-only so nothing is written to disk or downloaded as part of installation.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The catalog contains agents for sensitive domains (healthcare, fintech, etc.), but those are expected for an orchestrator and are not themselves credentials or unexpected environment requirements.
Persistence & Privilege: notealways:false and default autonomous invocation are set (normal). The mention of 'Automatic Checkpoints — Auto-save progress' implies some persistence, but the skill does not state where or how data is stored. Confirm the runtime's storage/retention policies and whether the orchestrator will persist user inputs or outputs to external/system stores.