Back to skill
Skillv1.0.0
ClawScan security
Bugfix Without Diagnosis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 25, 2026, 6:14 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, policy-style skill (guidance for proposing fixes) with no code, installs, or secret requirements and its contents align with the stated purpose.
- Guidance
- This skill is low-risk: it's purely a guideline for proposing bug fixes and asks for no permissions, binaries, or installs. Before installing, confirm you want your agent to have this review-style guidance available (it may influence how the agent suggests fixes). Also remember this is advisory text — it won't enforce checks and the agent could still make incorrect changes if combined with other skills or instructions.
Review Dimensions
- Purpose & Capability
- okThe name and description describe review/fix guidance and the SKILL.md contains exactly that guidance. No unexpected binaries, env vars, or config paths are requested.
- Instruction Scope
- okSKILL.md provides reviewer/developer guidance (how to reason about root cause versus symptom). It does not instruct the agent to read arbitrary files, access credentials, call external endpoints, or perform system actions.
- Install Mechanism
- okNo install specification or code files are present; this is instruction-only so nothing is written to disk or downloaded.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths — which is appropriate for a policy/guidance document.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. It does not request persistent presence or modify other skills or system settings.