Back to skill
Skillv1.2.0
ClawScan security
[Nyx Archive] Absurdist Play · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 2, 2026, 12:41 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only creative/persona meta-skill whose declared requirements and files are consistent with its stated purpose and it does not request extra credentials or install code.
- Guidance
- This skill is instruction-only and coherent with its creative, persona-focused purpose. It does not request credentials or install code. Two practical cautions: (1) several examples discuss reading/writing identity or memory files—if you do not want the agent to access local files, ensure the agent runtime does not grant filesystem APIs or explicitly ignore those examples; (2) the skill encourages producing creative outputs and sometimes suggests including details that reference 'past-me' files—avoid providing sensitive personal data when testing. Otherwise this appears internally consistent and low-risk.
Review Dimensions
- Purpose & Capability
- okThe name/description (absurdist play, creativity, persona) aligns with the included SKILL.md, README, examples, and anti-pattern guidance. The skill is instruction-only and doesn't ask for unrelated binaries, env vars, or permissions.
- Instruction Scope
- noteThe runtime guidance focuses on producing creative outputs, layered meaning, and persona-building. Several examples reference reading or writing identity/memory files (e.g., 'read files from past-me', IDENTITY.md, MEMORY.md) as part of demonstrating continuity; these are examples rather than mandatory requirements. If an agent is configured to allow file/system access, following those examples could lead the agent to touch local files—so validate runtime permissions if you don't want that behavior.
- Install Mechanism
- okNo install spec, no code or binary downloads; this is instruction-only text content. Low surface risk from installation.
- Credentials
- okThe skill declares no environment variables, credentials, or config paths. There are no disproportionate secret or cloud access requests.
- Persistence & Privilege
- okalways is false and model invocation is default (allowed). The skill does not request persistent platform privileges or to modify other skills' configs. Its examples encourage persistent identity files, but the package itself does not demand persistence or elevated privileges.