Skill v1.1.0
ClawScan security
Shadows Bug Hunter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 7, 2026, 2:37 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and instructions are coherent with its stated purpose (structured debugging); it reads and temporarily edits repository files and may run the project's test suite, which is expected for a debugging tool but requires user caution on untrusted code.
- Guidance: This skill appears to do what it says: it reads your repo, may inject temporary debug prints into source files, and can run your project's tests. Those are normal debugging actions but can be dangerous on untrusted code (tests execute arbitrary repository code). Before using: ensure you run it only on trusted repositories or inside a sandbox/container, have a clean git working tree and backups, review any injected changes before committing, and verify the 'cleanup' step happened (inspect diffs). If you cannot or will not sandbox test execution, avoid triggering Technique 4 (Test-Driven Fix).
Review Dimensions
- Purpose & Capability (ok): Name and description are a debugging protocol; the required binary (git) and optional test runners (pytest/jest/vitest) match the declared techniques. No unrelated env vars, binaries, or config paths are requested.
- Instruction Scope (note): SKILL.md instructs the agent to read repository files, run 'git log', temporarily inject debug statements into source files, execute project test suites, and then remove injected debug code. These actions are within the scope of a debugging skill, but they do include modifying files and executing repository code (the document explicitly warns to sandbox untrusted repos). The cleanup step is explicit but relies on the agent actually performing the verification and on a correct list of modified files.
- Install Mechanism (ok): No install spec (instruction-only). No downloads or package installs — lowest-risk install posture.
- Credentials (ok): No environment variables, credentials, or config paths are requested. The optional detection of test runners is local to the repository and matches the skill's purpose.
- Persistence & Privilege (ok): 'always' is false; the skill does not request persistent presence or modify global agent settings. It does modify repository files temporarily as part of debugging, which is expected behavior and documented.
