Skill v1.0.0

ClawScan security

Org Role Handoff · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 3:48 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files, templates, and instructions match its stated purpose (acting from organizational role perspectives); it requests no secrets, no external installs, and the runtime instructions only reference internal docs and templates — the only minor oddity is a small included script file that the SKILL.md never references.
Guidance
This skill appears coherent and low-risk: it only contains internal reference docs and templates and does not request secrets or external installs. Before enabling, you should (1) review the small script file (scripts/validate_role_scope.py) to confirm it does not run network calls or perform unexpected operations if the platform might execute bundled code, (2) confirm your agent platform will not autonomously run arbitrary files from the skill, and (3) ensure you are comfortable with the skill using its internal org-context as a default (it will assume that structure unless you provide a different one). If the script or any omitted files contain network calls, credential use, or instructions to read system data, re-check — that would change the assessment.

Review Dimensions

Purpose & Capability
ok · Name/description match what the skill actually contains: role definitions, collaboration rules, templates, examples, and guidance for producing role-based outputs. There are no unrelated environment variables, binaries, or external services requested. One small code file (scripts/validate_role_scope.py, 246 bytes) exists in the package but is not referenced by SKILL.md; this is worth checking but does not, by itself, contradict the stated purpose.
Instruction Scope
ok · SKILL.md instructs the agent to identify the requested role, consult local reference files, use templates, and stay within role boundaries. It does not instruct reading system files, environment variables, making external network calls, or exfiltrating data. All runtime actions are limited to internal skill content and producing role-aligned responses.
Install Mechanism
ok · No install spec is provided (instruction-only), so nothing will be written to disk or downloaded at install time. This is the lowest-risk install profile.
Credentials
ok · The skill declares no required environment variables, credentials, or config paths. The runtime docs also do not reference any external secrets or platform credentials. The lack of requested credentials is proportionate to the skill's described functionality.
Persistence & Privilege
ok · The skill does not request always:true and does not claim any elevated platform privileges. It does not instruct modifying other skills or system-wide configuration. Autonomous model invocation is allowed (platform default) and is not by itself a red flag here.