Skill v2.0.0

ClawScan security

prd-impact-analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 27, 2026, 2:00 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions, inputs, and absence of installs/credentials are internally consistent with a PRD→Spec analysis tool, but it reads project sources and includes an optional auto-generation step — review repository access and review gates before enabling autonomous runs.
Guidance
This skill appears coherent for turning PRDs into code-level Specs. Before installing, confirm (1) what repository or file-system access you will grant the agent — it needs read (and optionally write) access to source and PRD files; (2) whether you want the optional spec-to-code auto-generation enabled — keep the human-review step enforced if you want manual control; and (3) that any external tools referenced (e.g., MCP, kuspec) are trusted in your environment. If you are unsure which repos the agent will access, restrict its permissions or run the analysis on a sanitized mirror first.
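The guidance above recommends restricting the agent's permissions or running the analysis on a sanitized mirror when you are unsure which repositories it will read. The following is an added example and is not part of the ClawHub scan output or of the prd-impact-analyzer skill: it copies a source tree into a read-only mirror, drops paths that should never reach an agent (VCS metadata, env files, key material) and redacts secret-shaped values inside tracked text files. The exclusion globs, the secret patterns and the constructed sample repository built in demo() are assumptions chosen for illustration, not anything the skill or ClawHub defines.

```python
"""
Added example: build a sanitized, read-only mirror of a repository before
pointing an agent at it. Globs, regexes and the sample repo are assumptions.
"""
from __future__ import annotations

import os
import re
import stat
import tempfile
from fnmatch import fnmatch
from pathlib import Path

REDACTED = "[REDACTED]"

# Path components that must never be copied into the mirror (assumed list).
EXCLUDE_GLOBS = (".git", ".env", ".env.*", "*.pem", "*.key", "node_modules", "*.sqlite")

# Redaction rules applied to the text of every copied file (assumed patterns).
# The key=value rule runs first so it keeps the key name and redacts only the value.
SECRET_PATTERNS = (
    (re.compile(r"(?i)\b(password|secret|token|api_key)(\s*[=:]\s*)\S+"), r"\1\2" + REDACTED),
    (re.compile(r"AKIA[0-9A-Z]{16}"), REDACTED),                       # AWS access key id shape
    (re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----"), REDACTED),
)


def _is_excluded(rel: Path) -> bool:
    """True if any component of the relative path matches an exclusion glob."""
    return any(fnmatch(part, g) for part in rel.parts for g in EXCLUDE_GLOBS)


def build_sanitized_mirror(src: str | os.PathLike, dst: str | os.PathLike) -> dict:
    """Copy src into dst, skipping excluded paths and redacting secrets in text files.

    Returns counts of copied files, excluded entries and redactions performed.
    Every mirrored file is made read-only so the agent cannot write back into it.
    """
    src, dst = Path(src), Path(dst)
    report = {"copied": 0, "excluded": 0, "redactions": 0}
    for root, dirs, files in os.walk(src):
        root_p = Path(root)
        rel_root = root_p.relative_to(src)
        # Prune excluded directories in place so os.walk never descends into them.
        kept = []
        for d in dirs:
            if _is_excluded(rel_root / d):
                report["excluded"] += 1
            else:
                kept.append(d)
        dirs[:] = kept
        for name in files:
            rel = rel_root / name
            if _is_excluded(rel):
                report["excluded"] += 1
                continue
            out = dst / rel
            out.parent.mkdir(parents=True, exist_ok=True)
            data = (root_p / name).read_bytes()
            try:
                text = data.decode("utf-8")
            except UnicodeDecodeError:
                out.write_bytes(data)          # non-text file: copied unchanged
            else:
                for pattern, repl in SECRET_PATTERNS:
                    text, n = pattern.subn(repl, text)
                    report["redactions"] += n
                out.write_text(text, encoding="utf-8")
            os.chmod(out, stat.S_IRUSR | stat.S_IRGRP | stat.S_IROTH)  # read-only
            report["copied"] += 1
    return report


def demo() -> dict:
    """Constructed sample repository (not a real project) to exercise the mirror."""
    with tempfile.TemporaryDirectory() as tmp:
        repo = Path(tmp) / "repo"
        (repo / "backend").mkdir(parents=True)
        (repo / ".git").mkdir()
        (repo / ".git" / "HEAD").write_text("ref: refs/heads/main\n")
        (repo / ".env").write_text("DB_PASSWORD=hunter2\n")
        (repo / "deploy.pem").write_text("-----BEGIN RSA PRIVATE KEY-----\nabc\n-----END RSA PRIVATE KEY-----\n")
        (repo / "backend" / "config.py").write_text('API_KEY = "AKIAABCDEFGHIJKLMNOP"\nDEBUG = True\n')
        (repo / "backend" / "settings.ini").write_text("password = s3cr3t\nhost = localhost\n")
        (repo / "backend" / "notes.txt").write_text("scratch\n-----BEGIN RSA PRIVATE KEY-----\nMIIB\n-----END RSA PRIVATE KEY-----\n")
        (repo / "docs.prd.md").write_text("# PRD\nAdd export button.\n")

        mirror = Path(tmp) / "mirror"
        report = build_sanitized_mirror(repo, mirror)
        report["files"] = sorted(str(p.relative_to(mirror)) for p in mirror.rglob("*") if p.is_file())
        report["config"] = (mirror / "backend" / "config.py").read_text()
        report["settings"] = (mirror / "backend" / "settings.ini").read_text()
        report["notes"] = (mirror / "backend" / "notes.txt").read_text()
        return report


if __name__ == "__main__":
    print(demo())
```

Point the agent's repository access at the mirror directory only, and keep the real checkout out of its reach; the exclusion list is deliberately aggressive, since a file the analysis does not need is cheaper to omit than to explain after it has been read.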
Findings
[no-findings] expected: The static regex scanner found nothing — expected because this is an instruction-only skill with no code files for static analysis.

Review Dimensions

Purpose & Capability
ok · The name/description (PRD impact analysis → code-level Spec generation) align with the SKILL.md content: parsing PRDs, analyzing backend/frontend code, assembling Specs and supporting workflows. Required capabilities (reading PRD and code directories, AST analysis, UI component detection) are coherent with the stated purpose.
Instruction Scope
note · Instructions expect access to PRD files and the project's source tree (backend and frontend directories) and reference an MCP tool for parsing documents and progressively loading code context. This is appropriate for the task but means the agent will read potentially sensitive code and documentation. The workflow also lists an optional spec-to-code-generator step with auto_generate: true; ensure the human-review step (step 5) is enforced if you don't want automatic code changes applied.
Install Mechanism
ok · No install spec, no code files, and no binaries required. Being instruction-only minimizes install-time risk; nothing is downloaded or written by the skill itself.
Credentials
ok · The skill declares no required environment variables, credentials, or config paths. Its described actions (reading project files, producing Specs) do not require external secrets as part of the skill itself. Any repository or storage access you grant the agent separately is the only privilege in play, so scope that grant to the repositories the analysis actually needs.
Persistence & Privilege
ok · The always flag is false and the skill does not request persistent system-wide privileges. Model invocation is enabled by default (normal). The only autonomy-related point to consider is the optional spec-to-code-generator step (auto_generate: true); connected to an execution pipeline, that step could modify or produce code. The workflow's explicit human-review step is the right control, provided it is kept in place.