Skill v1.0.0
ClawScan security
business-planner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 15, 2026, 7:09 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only business plan / pitch-deck generator and what it requests and describes is generally consistent with that purpose, though it implicitly assumes access to project workspace files and local tooling (git, browser/PDF conversion) without declaring them explicitly.
- Guidance
- This skill is instruction-only and generally coherent with its description, but before installing: 1) Confirm you are comfortable with the agent reading and writing files in your workspace (the SKILL.md references project files and versioned HTML outputs). 2) Expect the agent may need local tooling (git, a browser or pandoc/LibreOffice/Google Slides conversion workflow) to perform diffs and convert HTML→PDF/Slides; these are not declared as required binaries. 3) Review any generated outputs and automated diffs before sharing externally — verify citations (McKinsey/Gartner/etc.) and ensure no sensitive data from your workspace is included in business plans or pitch decks. 4) If you do not want the agent to access certain files, restrict its workspace or remove those files before use. If you want higher assurance, ask the maintainer to explicitly declare required binaries (git, converters) and any file paths the skill will read/write.
Review Dimensions
- Purpose & Capability
- ok: Name and description (business plans, infra diagrams, pitch decks, iterative refinement) match the SKILL.md content. The features (HTML output, Mermaid diagrams, versioned HTML artifacts, slide guidance) are coherent with a 'business-planner' skill; no unrelated credentials, binaries, or services are requested.
- Instruction Scope
- note: The SKILL.md explicitly references workspace-relative files (projects/gov-support/doyak-v10*.html, etc.), version-controlled outputs (v1→v12), and git-diff style tracking. That means the agent will need read/write access to the user's workspace and likely run git operations or otherwise manage files. The file-access expectation is reasonable for the stated functionality, but it is not explicitly declared in requires.config paths or as required binaries (e.g., git). There are no instructions to exfiltrate secrets or call external endpoints beyond citing public reports.
- Install Mechanism
- ok: No install spec and no code files: instruction-only skill. This is the lowest-risk install mechanism; nothing will be downloaded or written by an installer from external URLs.
- Credentials
- ok: The skill requests no environment variables, credentials, or config paths. Its outputs and guidance (HTML, Mermaid, slides) do not require secrets. However, because it expects to read/write workspace files and produce versioned outputs, users should be aware it may access project files present in the agent workspace.
- Persistence & Privilege
- ok: always is false and disable-model-invocation is not set; the skill behaves like a normal, user-invoked instruction-only skill. It does not request permanent presence or attempt to modify other skills or system-wide settings in the SKILL.md.
