Skill v2.0.0

ClawScan security

Intent Align · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 26, 2026, 7:35 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
An instruction-only orchestration framework that is coherent with its stated purpose and does not request credentials or install code; adapter-level auth is described but must be supplied explicitly when used.
Guidance
This skill is an instruction-only orchestration template and appears internally consistent. It does not ask for credentials or install software by itself, but when you bind adapters (e.g., GitHub, local-repo, tracker) the agent will ask you to provide appropriate access (tokens, filesystem paths, scopes). Before granting access: (1) limit tokens to least privilege (read-only where possible), (2) verify any ad-hoc adapter specs the agent generates (check provenance fields like created_by/created_at and tool_access_required), (3) prefer local or read-only modes if you don't want remote writes, and (4) be cautious allowing autonomous runs that have write access to repositories or trackers — require strictness or manual confirmations for high-risk operations. If you want more assurance, test the skill in a sandbox workspace with limited permissions first.

Review Dimensions

Purpose & Capability
ok: The name and description match the content: templates and runtime instructions for running an intent-alignment hub and selecting adapters. Declared requirements are minimal (none), and the adapters documented (local repo, GitHub, generic tracker) are expected for a coordination/orchestration skill.
Instruction Scope
note: SKILL.md and referenced docs instruct the agent to read the shipped references, create/maintain an alignment hub, run gates, and bind adapters. This scope is appropriate for an orchestration skill. Note: the adapters explicitly describe requiring filesystem or GitHub credentials when those adapters are selected — that behavior is reasonable but means the agent will request access at adapter binding time.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files to execute; lowest-risk installation footprint.
Credentials
ok: The skill itself declares no environment variables, secrets, or config paths. Adapter docs describe requiring credentials (e.g., GitHub token, filesystem access) when those adapters are used — that is proportionate and expected for the described adapters.
Persistence & Privilege
ok: always is false and model invocation is allowed (default). The skill does not request persistent system-wide changes or modify other skills. Autonomous invocation is normal for skills; no additional privileged persistence is requested.