Skill v1.0.2

ClawScan security

Reddi Agent Evaluation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 15, 2026, 10:19 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only agent-evaluation skill that is internally consistent with its stated purpose: it requests no credentials or installs and contains only guidance and test cases — the only minor mismatch is the declared python3 binary requirement despite no shipped code.
Guidance
This skill appears coherent and low-risk: it only provides guidance and test cases for evaluating LLM agents and requires no secrets or installs. Before installing, consider: (1) confirm why python3 is declared — if you have no intent to run external Python scripts this requirement is unnecessary; (2) note that metadata permits outbound network calls (standard for calling an LLM API) — ensure your agent's configured LLM endpoints and keys are ones you trust; (3) because this is instruction-only, future versions could add code or env requirements — re-review on updates. If you plan to run any evaluation scripts referenced in your own workflows, run them in a controlled environment and audit any code they download.

Review Dimensions

Purpose & Capability
note: Name/description, SKILL.md content, and included test cases all describe agent evaluation and benchmarking. The declared required binary (python3) is surprising because the skill is instruction-only and ships no runnable code; it may be harmless (a generic dependency hint) but is disproportionate to the provided files.
Instruction Scope
ok: The instructions are focused on designing and running evaluation tests, statistical approaches, and anti-patterns. They do not instruct the agent to read arbitrary files, exfiltrate data, or call unexpected external endpoints. The metadata allows outbound network calls for LLM API usage, which matches the skill's purpose of scoring agents.
Install Mechanism
ok: There is no install spec and no code files to download or execute. This is the lowest-risk model for an OpenClaw skill.
Credentials
ok: The skill declares no required environment variables, no primary credential, and no config paths. That aligns with an instruction-only evaluation guide.
Persistence & Privilege
ok: The skill is not force-included (always: false) and uses normal autonomous invocation semantics. It does not request persistent system-wide changes or other skills' credentials.