Back to skill
Skillv1.0.0
ClawScan security
Emotional Safety Fuse · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 10:24 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, requirements, and scope align with its stated purpose of providing conversational emotional-safety cues and de-escalation; it is instruction-only, requests no credentials, and makes no unexpected system demands.
- Guidance
- This skill is internally coherent and lightweight, but before installing, verify the host agent's concrete behaviors: 1) Map the SKILL.md's 'host system emergency/professional-help protocols' to explicit, tested actions so the agent doesn't attempt inappropriate escalation. 2) Decide and document how sensitive conversational content is logged, stored, or transmitted (avoid retaining more than necessary and ensure consent). 3) Confirm how the skill is invoked and whether automated interventions (pausing or suggesting resources) are acceptable for your users. 4) Test with domain experts (clinicians or trained facilitators) to validate phrasing, cultural and accessibility adaptations, and thresholds for distress detection to minimize false positives/negatives. 5) Do not rely on this skill as a substitute for crisis services—ensure a clear and tested path to professional emergency support when indicated.
Review Dimensions
- Purpose & Capability
- okName and description (emotional-safety/de-escalation) match the SKILL.md content: defined distress signals, stop/validate/ground/offer-choices flow, recovery and escalation boundaries. No unrelated env vars, binaries, or install steps are requested.
- Instruction Scope
- noteInstructions stay within conversational safety boundaries and do not ask to read files, access credentials, or call external endpoints. The SKILL.md references switching to the host system's emergency or professional-help protocols without defining them — this is reasonable but somewhat open-ended and should be mapped to concrete host behaviors before deployment.
- Install Mechanism
- okNo install spec and no code files (instruction-only). Lowest-risk delivery: nothing is written to disk or downloaded by the skill itself.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. Its needs are minimal and appropriate for an instruction-only safety layer.
- Persistence & Privilege
- okalways is false and the skill does not request system-wide persistence or modify other skills. Model invocation is allowed (platform default) which is appropriate for a conversational safety layer; no additional privileged settings are present.