Skill v1.0.1

ClawScan security

FeaturePlanningAutoPilot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 7:39 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions, requirements, and behavior are internally consistent with a feature-planning assistant. However, it will read and update workspace files (including its own SKILL.md and evolution.json) and may run local validations, so you should be comfortable with those file and workspace modifications before installing.
Guidance
This skill appears to be what it says: a planning assistant. Before installing, be aware it will (when invoked) inspect repository files, may run local build/API validations, and will append/update evolution.json and SKILL.md to persist lessons. Ensure the agent only has access to repositories and credentials you trust, review any file changes the skill makes, and avoid providing DB or cloud credentials unless absolutely necessary for a specific validation step. If you want stricter limits, keep it user-invocable (not always-on) and run it in an isolated workspace or with version control so you can review and revert its edits.

Review Dimensions

Purpose & Capability
ok: Name/description match the SKILL.md. No unrelated credentials, binaries, or installs are requested. The requested actions (scanning code state, producing step-by-step plans, capturing lessons) are coherent with a planning/Autopilot skill.
Instruction Scope
note: The runtime instructions explicitly ask the agent to locate relevant pages/APIs/services, list affected files, perform local validations (builds, API checks), and append learnings to evolution.json and the 'Experience Enhancements' section of SKILL.md. These actions stay within the planning purpose but imply reading and writing repository/workspace files and running local checks. Make sure the agent has permission and you expect those modifications.
Install Mechanism
ok: Instruction-only skill with no install spec or third-party downloads. Nothing will be written to disk by an installer; any file writes come from the agent following SKILL.md instructions.
Credentials
note: The skill requests no environment variables or credentials. However, it asks the agent to inspect code, database state, and perform API or build checks; those actions may require additional access or credentials at runtime. The SKILL.md does not request or store secrets itself, which is proportionate, but users should avoid supplying unnecessary credentials to the agent.
Persistence & Privilege
note: 'always' is false and the skill is user-invocable (expected). The instructions explicitly direct appending to evolution.json and syncing SKILL.md, so the skill will persist 'lessons learned' across sessions by modifying its own files. Modifying its own files is normal but notable. Review what gets written and ensure you consent to persistent changes.