Skill v1.0.1
ClawScan security
Elen: Epistemic Decision Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 26, 2026, 4:10 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: Instruction-only skill that coherently documents using a local Elen MCP server to record decisions; it does not request credentials or install code itself, but it expects the agent/platform to run an npx-hosted package (which you should verify/trust).
- Guidance: This skill is an instruction-only integration that expects you to run a local 'Elen MCP' server via npx (@learningnodes/elen-mcp@0.1.1). Before installing/running that package, verify the npm package source and review its code or repository (or run it in an isolated environment) because the SKILL.md directs fetching code from the npm registry even though the skill metadata doesn't declare node/npx as required. Also ensure your agent/platform is permitted to run npx commands and that you are comfortable with the agent invoking those MCP actions automatically.
Review Dimensions
- Purpose & Capability (note): The SKILL.md describes using a local Elen MCP server to record decisions, which matches the skill name/description. Minor mismatch: the instructions assume the ability to run 'npx @learningnodes/elen-mcp@0.1.1', but the skill metadata lists no required binaries (node/npx). The dependency on npx/node should be declared.
- Instruction Scope (ok): Instructions stay on-topic: they describe when/how to query and commit decisions and list specific MCP actions (suggest, get_competency, commit, supersede). They do not request reading unrelated files, credentials, or exfiltrating data.
- Install Mechanism (note): No install spec in the skill (instruction-only). The SKILL.md tells users/agents to configure the platform to run an npm package via npx. That is a reasonable approach for an instruction-only skill, but it implicates fetching code from the npm registry (@learningnodes/elen-mcp@0.1.1); you should validate and trust that package before running it.
- Credentials (ok): No environment variables, credentials, or config paths are requested by the skill, and the instructions do not ask for secrets. Proportional to the stated purpose.
- Persistence & Privilege (ok): Skill is user-invocable and not always-included; it does not request persistent/system-wide modifications. Autonomous invocation is allowed by default on the platform but the skill itself does not demand elevated persistence.
