Skillv1.1.0

ClawScan security

Adaptive Socratic Questioning · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 15, 2026, 5:09 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only educational skill whose requested resources and runtime instructions match its stated purpose (Socratic follow-up questioning); nothing in the package asks for credentials, external installs, or unrelated system access.
Guidance: This skill appears coherent and low-risk: it is instruction-only, requests no secrets, and contains only pedagogical guidance. Before installing, consider: (1) Trigger scope — the README/skill metadata purposely include many trigger phrases and the author notes the description was made 'pushy'; if you want to avoid accidental activation, narrow triggers or require explicit user invocation. (2) Test with non-sensitive examples to confirm the phrasing and stage transitions meet your expectations (the SKILL.md is prescriptive about when to ask follow-ups). (3) Do not rely on this skill for counseling, medical, or emergency situations (the skill itself lists such non-applicable scenarios). If you remain comfortable with the trigger policy and the educational scope, this skill is consistent with its stated purpose.

Purpose & Capability: okName, description, skill.json triggers, SKILL.md algorithm, examples, and test/eval files all align with an education-focused follow-up-questioning capability. The artifacts and metadata are proportionate to the described purpose.
Instruction Scope: noteSKILL.md is an instruction-only implementation describing how to analyze student responses and generate question chains; it does not instruct the agent to read files, access credentials, or call external endpoints. One minor note: SKILL.md and README_SKILL_STATUS emphasize automatically loading the skill for many trigger phrases (and README_SKILL_STATUS admits the description was made 'pushy' to increase triggers). That is a usage/triggering policy decision rather than a technical risk, but it can cause over-invocation in unrelated conversations.
Install Mechanism: okNo install spec and no code files (instruction-only). Nothing is downloaded or written to disk. This is the lowest-risk install model.
Credentials: okThe skill requests no environment variables, no credentials, and no config paths. All required resources are internal to the SKILL.md content and examples, which is proportionate to an education skill.
Persistence & Privilege: okFlags show always: false and default autonomous invocation allowed. That is standard for skills. The skill does not request elevated persistence or modify other skills or system settings.