Skill v1.1.0

ClawScan security

Canvas Debate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 20, 2026, 5:07 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions, required inputs, and outputs are coherent with its stated purpose (adversarially stress-testing a business canvas using the project codebase); nothing requested is disproportionate or unrelated.
Guidance
This skill appears to do what it says, but take the usual precautions before running it on a real repository:
1) review and remove any secrets/private keys from the repo or run the skill on a sanitized copy;
2) back up existing docs/business/ files (the skill will create/overwrite files there);
3) confirm the platform/execution environment does not automatically exfiltrate outputs to external services you don't trust;
4) if you want to limit scope, run it against a subset of the codebase or provide only curated canvas files rather than the entire project root.
If you are concerned about autonomous invocation, keep the skill user-invocable and manually trigger runs after review.

Review Dimensions

Purpose & Capability
ok · Name and description match the runtime instructions: the skill performs an adversarial debate over a business canvas and (optionally) the project's codebase. Requiring access to the codebase and canvas files and writing updated canvases to docs/business/ is consistent with a business-model stress test.
Instruction Scope
note · Instructions explicitly direct the agent to read the project root (the codebase) and any existing canvas files, run multiple debate rounds via internal subagents, and write outputs to docs/business/*. Reading the codebase is necessary for the stated goal, but because it doesn't restrict paths or note exclusion of secrets, the agent could access sensitive project files if they exist. The instructions do not call out transmission to external endpoints beyond writing repository files.
Install Mechanism
ok · No install spec or code files are present; this is an instruction-only skill that relies on the platform to spawn subagents. No downloads or packages are required.
Credentials
ok · The skill requests no environment variables, credentials, or config paths. This is proportionate: analyzing a codebase and canvases does not require external secrets in the skill metadata.
Persistence & Privilege
ok · always:false and no install steps mean the skill does not request permanent presence or elevated platform privileges. It will write files to docs/business/ in the project workspace, which is expected behavior for this task.