Skill v1.0.0
ClawScan security
OO Design Principle Evaluator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 10, 2026, 8:32 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requested actions and runtime instructions are consistent with its stated purpose of evaluating OO designs; it asks for codebase access for deeper analysis and optionally suggests using text-search or shell tools, but it does not request unrelated credentials or install arbitrary code.
- Guidance: This skill appears coherent and appropriate for reviewing OO designs. Before enabling it or giving it access, consider: (1) it will ask whether it can access your source tree — only grant access to the repositories you want analyzed; avoid pointing it at repositories containing secrets or unrelated sensitive data, (2) optional Grep/Bash usage means the agent could run text-search commands in the provided directory — ensure the working directory is safe, (3) the included reference material appears to quote GoF content; if licensing is a concern, review that separately, and (4) the agent can invoke the skill autonomously (normal behavior) — if you need a stricter guard, disable autonomous invocation for this skill in your agent policy. Overall, the skill is internally consistent with its stated purpose.
Review Dimensions
- Purpose & Capability (ok): The name and description match the instructions: the skill analyzes class hierarchies and recommends composition vs inheritance. It declares no env vars, binaries, or installs — appropriate for an instruction-only design-review skill. Tools listed (Read, TodoWrite; optional Grep, Bash) are coherent with scanning a codebase and producing a structured report.
- Instruction Scope (note): The SKILL.md explicitly instructs the agent to scan the environment for source files, look for concrete instantiations, overrides, and other code patterns, and to use TodoWrite for tracking. This is appropriate for deeper analysis, but it does mean the agent may read arbitrary files within any provided codebase. The doc also mentions optional use of Grep/Bash, which would enable shell-based text searches; these actions are within scope but capable of broad file access.
- Install Mechanism (ok): No install specification or code is provided. As an instruction-only skill, nothing is written to disk and no external packages are downloaded — this is low-risk and consistent with the skill's purpose.
- Credentials (ok): The skill requests no credentials, env vars, or config paths. The only privileges it reasonably needs are read access to the codebase when the user grants it. There are no unrelated secrets requested.
- Persistence & Privilege (ok): always:false and no claims of modifying other skills or system-wide settings. disable-model-invocation is false (normal), so the agent could invoke the skill autonomously if policies allow — this is expected for skills and does not by itself indicate misuse.
