Skill v1.0.0
ClawScan security
Monster Method Decomposition · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 2:50 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only refactoring helper that asks for access to a codebase and standard editing tools; its requirements and instructions are coherent with its stated purpose.
- Guidance: This skill is instruction-only and coherent with its goal of safely decomposing large methods, but it needs Read and Edit access to your repository and the ability to run shell commands (Bash) to execute tests or refactoring tools. Before enabling it: (1) run the agent in a sandbox or on a branch so automated edits can be reviewed; (2) keep backups or use version control (commit/PR) so that destructive changes can be reverted; (3) confirm that the dependent skills (safe-legacy-editing-discipline, dependency-breaking-technique-executor) are trusted, since they may be invoked during escalation; (4) restrict autonomous invocation if you do not want the agent to apply edits without human approval. No environment variables or external downloads are required and there are no scanner flags; overall the skill appears internally consistent and proportional to its stated purpose.
Review Dimensions
- Purpose & Capability: ok. The name/description (decomposing large methods) aligns with the declared inputs (codebase, method source, language) and required tools (Read, Edit, Bash, optional Grep). No unrelated binaries, environment variables, or external services are requested. The declared dependencies on related refactoring/discipline skills are appropriate.
- Instruction Scope: ok. SKILL.md confines activity to source-code analysis and stepwise refactoring (classify the method shape, extract low-coupling pieces, introduce sensing variables, escalate to a method object). It instructs the agent to collect the method text, language, tests, and IDE/refactor-tool availability. It does not instruct reading unrelated system files or exfiltrating data. Bash/Edit/Read are consistent with making edits and running tests, although shell access can run arbitrary commands; that is expected for repository edits but worth guarding in practice (sandbox, branch, review before merge).
- Install Mechanism: ok. No install spec and no code files; this is an instruction-only skill. Nothing is downloaded or written to disk by an installer, which minimizes installation risk.
- Credentials: ok. No environment variables, credentials, or config paths are requested. The skill only requires access to the codebase and refactoring tools, which is proportionate to its purpose.
- Persistence & Privilege: note. always:false (default) and no package installation. However, the skill requires Edit/Bash capability, so when invoked it can modify files and run shell commands in the repository. Autonomous invocation is permitted by the platform default (disable-model-invocation:false); this is not inherently problematic, but it means you should decide whether agents may run edits autonomously or only after human review.
