Skillv0.1.1

ClawScan security

Anti Panic Protocol · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 18, 2026, 7:45 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only skill that gives retry/escalation rules for handling tool failures; it requests no credentials, installs nothing, and its instructions are consistent with its stated purpose.
Guidance: This skill is instruction-only and appears low-risk: it provides rules for how the agent should retry and escalate after failures and asks for nothing extra. Before installing, consider: (1) if you rely on the agent to verify external actions, ensure the agent already has appropriate, minimal access to those services (the skill itself does not request credentials); (2) the SKILL.md prohibits sending raw traces but doesn't prescribe exact redaction — if you need strict redaction rules, add them to your agent policy; and (3) because the skill can be invoked autonomously by default, make sure you trust your agent's configured tool permissions so verification checks or escalation steps won't cause unwanted actions. If those points are acceptable, the skill is coherent with its purpose.

Purpose & Capability: okThe name/description (handle failures, bounded retries, safe escalation) matches the SKILL.md content. There are no unexpected required binaries, env vars, or installs that would be inconsistent with this purpose.
Instruction Scope: okThe runtime instructions are narrowly focused on detecting failures, making up to two safe fix attempts, verifying outcomes, and escalating in user-friendly language. They do not instruct the agent to read unrelated files, harvest credentials, or transmit data to third-party endpoints. The verification steps imply the agent must check that an action completed (e.g., message sent, file written) which is appropriate for this purpose.
Install Mechanism: okNo install spec and no code files — instruction-only. This minimizes risk because nothing is downloaded or written to disk.
Credentials: okThe skill declares no environment variables, credentials, or config paths. The actions it prescribes do not require additional secrets beyond whatever the agent already has for the tools it is using.
Persistence & Privilege: okalways is false and the skill is user-invocable; it does not request permanent presence or attempt to modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but is not combined with other concerning privileges.