Skill v0.1.2
ClawScan security
Writing Proofreading · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 3:18 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only Chinese proofreading skill that is internally consistent with its stated purpose and does not request credentials or install persistent software, but it may run ephemeral npx tooling and write files in the user's workspace if given permission.
- Guidance: This skill appears coherent for proofreading Chinese articles. Things to consider before enabling: 1) It may read whole articles and create files (e.g., move deleted text to a 素材.md) — avoid sending sensitive secrets inside content. 2) Step 6 uses 'npx markdownlint-cli2' which will fetch and execute code from the npm registry on first run; if you prefer, install markdownlint-cli2 locally ahead of time or review the package before running. 3) The skill is instruction-only (no bundled code), so any file operations or tooling runs happen only when the agent is invoked and has permission to access your workspace — review and confirm those actions as they occur. If you’re comfortable with those points, the skill’s requests and instructions are proportionate to its purpose.
Review Dimensions
- Purpose & Capability: ok. Name, description, and included reference docs all describe a Chinese article proofreading workflow; the only external tool mentioned (markdownlint-cli2) is relevant to the Markdown-formatting step and is declared as optional.
- Instruction Scope: ok. SKILL.md instructions stay within proofreading: reading paragraphs, proposing edits, asking questions, and (optionally) running markdownlint checks. It does instruct the agent to move removed content into a ‘素材.md’ file and to run npx commands for linting, which are reasonable behaviours for an editing workflow but do involve reading/writing user content and invoking external tooling.
- Install Mechanism: ok. No install spec or bundled code; the skill is instruction-only. The only runtime operation suggested is ephemeral use of 'npx markdownlint-cli2' (no persistent install). No downloads from untrusted URLs or archive extraction are specified.
- Credentials: ok. The skill requests no environment variables, no credentials, and no config paths. There is no disproportionate access to secrets or unrelated services.
- Persistence & Privilege: ok. always:false and default invocation settings. The skill does not request permanent presence, nor does it modify other skills or system-wide settings in the instructions. It may create or update files in the user's workspace as part of the editorial workflow if the agent is allowed to.
