v1.0.1

taokynang

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:52 AM.

Analysis

This is a Vietnamese guide for creating Claude skills with a simple optional validator, and the provided artifacts show no credential access, network calls, persistence, or destructive behavior.

GuidanceThis skill appears safe for its stated purpose. Before installing, note that the source is not externally linked, and only run the included validator script on folders you intentionally want to validate.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none

The registry metadata does not provide an external source repository or homepage, so users have limited provenance context.

User impactUsers have less independent information about the publisher or development history, though the provided files themselves look coherent.

RecommendationReview the included files and publisher identity before installing, especially because no external source link is provided.

Unexpected Code Execution

SeverityInfoConfidenceHighStatusNote

scripts/validate_skill.py

if __name__ == "__main__": ... folder_path = sys.argv[1] ... success = validate_skill(folder_path)

The package includes a command-line Python helper that can be manually run against a chosen skill folder.

User impactIf run, the helper executes local Python code and reads the selected folder's SKILL.md to validate structure and frontmatter.

RecommendationRun the validator only on skill folders you intend to check; it does not appear to need elevated permissions or credentials.