Skill v1.1.0

ClawScan security

Shadows Project Architect · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 7, 2026, 3:27 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only project-planning template whose requirements and runtime instructions are consistent with its stated purpose and request no elevated permissions or installs.
Guidance
This skill is an instruction-only project-planning template and appears internally consistent and low-risk. Before installing: (1) confirm you won't paste any secrets or proprietary credentials into prompts (the skill may ask detailed project/context questions); (2) because it's purely advisory, review generated plans for accuracy and security implications before acting on them; (3) watch for future updates that add install scripts, network calls, or env-var requirements — those would materially change the risk profile.

Review Dimensions

Purpose & Capability
ok
Name, description, and SKILL.md all describe structured project planning and the instructions implement that workflow. The skill requests no binaries, env vars, or config paths, which is proportionate for a purely advisory planning tool. Minor metadata inconsistency: SKILL.md includes an 'openclaw.homepage' URL while the registry metadata lists 'Homepage: none' — this is likely benign bookkeeping but worth noting.
Instruction Scope
ok
SKILL.md confines the agent to asking questions, producing structured text (requirements, architecture, ADRs, task lists, critical path, milestones) and explicitly states it will not execute commands, read files, or make network calls. There are no instructions that reference system files, credentials, or external endpoints beyond an informational homepage URL in metadata.
Install Mechanism
ok
No install spec and no code files — the skill is instruction-only. That is the lowest-risk install mechanism and matches the declared pure-advisory purpose.
Credentials
ok
The skill requires no environment variables, credentials, or config paths. This is proportional to a planning/architect role; there are no unexplained secret requests or unrelated credential needs.
Persistence & Privilege
ok
Flags show always:false and default autonomous invocation allowed (normal). The skill does not request permanent presence, nor does it instruct modifying agent/system configs. No elevated persistence or cross-skill config access is indicated.