Back to skill
Skillv1.0.0
ClawScan security
greetr · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 11, 2026, 8:55 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- A simple, instruction-only greeting skill that only uses the system time to choose an appropriate greeting — internally consistent and low risk.
- Guidance
- This skill is low risk: it only instructs the agent to produce time-aware greetings and has no installs or credential requests. If you plan to allow autonomous invocation, note that the agent could call this skill whenever it detects a greeting — that's expected. If you want more personalization (for example using the user's name), verify whether the skill will access user profile data before enabling that behavior; as written it does not request or instruct reading personal data or secrets.
Review Dimensions
- Purpose & Capability
- okName and description (friendly personalized greetings) match the content of SKILL.md. The skill requests no binaries, env vars, or external services, which is proportionate for a greeting capability.
- Instruction Scope
- okRuntime instructions are limited to producing short greetings and using the current system time to determine time-of-day phrasing. The SKILL.md does not instruct reading unrelated files, environment variables, or sending data to external endpoints.
- Install Mechanism
- okNo install spec and no code files — instruction-only. This is the lowest-risk install model and consistent with the stated purpose.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. There is nothing disproportionate requested relative to a greeting feature.
- Persistence & Privilege
- okalways is false and the skill is user-invocable. It does not request persistent presence, modify other skills, or access system credentials.