Skillv1.0.0

ClawScan security

Argument Organization Reviser · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 25, 2026, 1:14 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only structural-revision helper whose declared inputs and runtime instructions align with its stated purpose and request no unrelated credentials or installs.
Guidance: This skill looks coherent and focused on structural revision. Before using it, note: (1) you will be asked to provide the full draft (pasted text or a local file path) — that content can be sensitive, so avoid submitting personally identifying data or proprietary material unless you trust the environment; (2) if you provide a local file path the agent will read that file — only grant paths you intend to share; (3) the skill does not request credentials or install code, but confirm your agent's privacy and logging settings if you are concerned about retention or external transmission; (4) if you prefer, submit excerpts or redacted drafts instead of the full manuscript. If you want further assurance, ask the publisher/owner for their privacy policy or request the skill's maintainer to sign a data-handling statement.

Purpose & Capability: okName, description, and tasks describe top-down structural revision of research drafts and the SKILL.md only asks for a draft (pasted text or file path) and contextual metadata; the declared dependency on a research-planner is reasonable. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope: noteThe instructions ask the agent to request and read a user's full or partial draft (pasted text or a file path) and optional contextual info (field, audience). This is appropriate for the purpose, but it means the skill will handle potentially sensitive user content and may access local files if a path is provided. The SKILL.md does not instruct reading unrelated system files, environment variables, or sending data to external endpoints.
Install Mechanism: okNo install specification and no code files — instruction-only. This minimizes disk writes and third-party code execution risk.
Credentials: okThe skill requests no environment variables, credentials, or config paths beyond the user's draft; requested inputs are proportional to the stated task.
Persistence & Privilege: okalways is false and the skill does not request elevated or persistent system presence. Autonomous invocation is allowed by default but is not combined with broad credentials or unusual privileges.