Skill v1.0.0
ClawScan security
Legacy Code Change Algorithm · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 1:48 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only guide for safely changing untested legacy code; its requested actions and tools align with that purpose and it does not ask for unrelated credentials or install anything.
- Guidance: This skill is coherent for its stated purpose, but it will ask the agent to read and edit source files and run shell commands (tests/build). Before using it: (1) run it on a feature branch or a copy of the repository, (2) ensure your CI/build is available or you can run tests locally, (3) review any edits the agent proposes before committing, and (4) avoid giving the agent access to production secrets or systems — keep it limited to the code repository and a developer/test environment.
Review Dimensions
- Purpose & Capability (ok): Name/description match the actual requirements: the skill guides changes to an untested codebase and explicitly needs access to source files, test-running, and simple developer tools (Read, Grep, Edit, Bash). Nothing requested (no credentials, no unrelated binaries) is disproportionate to that purpose.
- Instruction Scope (ok): SKILL.md focuses on locating change points, discovering tests/build info, breaking dependencies, and adding characterization tests. It expects the agent to inspect project files and run tests or test subsets, actions appropriate for the stated goal. The instructions do require running shell commands (Bash) and editing files, which is coherent for this workflow but means the agent will have the capability to execute arbitrary commands in the code environment.
- Install Mechanism (ok): No install spec; instruction-only skills are lowest-risk because nothing is downloaded or written by an installer.
- Credentials (ok): The skill declares no environment variables, no credentials, and no config paths. There are no requests for unrelated secrets or broad platform access.
- Persistence & Privilege (ok): The skill's "always" flag is false, and the skill does not request persistent or elevated platform privileges or modifications to other skills. Allowing the agent to run the skill autonomously is the platform default and not a problem here given the narrow scope.
