Back to skill
Skillv0.1.0
ClawScan security
Citation Verifier · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 11, 2026, 7:28 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only helper that stays focused on verifying and normalizing a single citation and does not request unrelated credentials, installs, or system access.
- Guidance
- This skill appears coherent and low-risk: it only describes verifying a single citation and does not request credentials or install anything. Two practical points before installing: (1) the SKILL.md assumes platform tools named verify_citation and fetch exist — if your agent environment lacks them the skill won't work, so confirm those tool hooks are available; (2) the skill will likely call external metadata services when 'fetch' runs — ensure you trust the agent's network integrations (APIs it will contact) since the SKILL.md does not name specific endpoints. If those two checks are fine, the skill is reasonable to enable.
Review Dimensions
- Purpose & Capability
- okThe name and description match the instructions: accept a DOI/ID/string, run verification, then fetch the resolved record. It does not ask for unrelated resources or permissions.
- Instruction Scope
- noteInstructions are narrowly scoped to verification and fetching. They assume the existence of two tools (verify_citation and fetch) — these are not defined in SKILL.md but are reasonable platform-provided tools; if those tools are not available the skill will fail. The instructions do not ask the agent to read files, environment variables, or unrelated system state.
- Install Mechanism
- okNo install spec or code files are present (instruction-only), so nothing will be written to disk or installed during install.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths and does not request access to unrelated secrets.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system-level privileges or to modify other skills or settings.