Back to skill
Skillv0.1.0
ClawScan security
Memory Notes · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 12, 2026, 2:07 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only authoring guide for writing Basic Memory notes; it requests no credentials, makes no installs, and its instructions match its stated purpose.
- Guidance
- This skill is an authoring/style guide for creating notes and appears internally consistent and low risk. Before enabling: confirm whether your agent/platform exposes a write_note or memory API and what credentials or permissions that API requires (this skill describes the expected format but doesn't request credentials itself). If you allow the agent to autonomously create notes, review the agent’s permissions for the memory store so it can only write to intended locations. Otherwise, it's safe to use as a documentation/template resource.
Review Dimensions
- Purpose & Capability
- okName/description (
- Instruction Scope
- okSKILL.md contains only formatting and writing rules for markdown notes and examples. It does not instruct reading arbitrary files, accessing environment variables, or sending data to external endpoints.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. That is the lowest-risk model and consistent with the skill's purpose.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. The content references other skills (memory-schema) for schema details, which is a reasonable cross-reference and does not demand extra secrets.
- Persistence & Privilege
- okSkill is not always-enabled and does not request system-wide persistence or permissions. It does mention an API-style operation (write_note) in a descriptive way but does not attempt to modify other skills or agent config.