Skillv1.0.0

ClawScan security

Persuasion Content Auditor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 14, 2026, 8:43 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only persuasion-audit utility that only needs the content to audit and the ability to read a user-provided file; its requirements and instructions are consistent with its stated purpose.
Guidance: This skill is internally consistent and contains only instructions for auditing text you provide. Before installing or using it: (1) do not paste or point it at sensitive personal data or credentials — only provide the content you want audited; (2) be aware that if you supply a file path the agent's Read tool will access that file, so only reference files you intend to share; (3) confirm the platform's Read/Write tool permissions so they don't grant broader access than you expect; and (4) if you need guarantees about data leaving your environment, verify the platform's privacy policy or avoid pasting private content. Overall the skill looks coherent for its purpose.

Purpose & Capability: okName/description (audit persuasive content against the 6 principles) matches the instructions and included rubric. The skill requests content and an intended action (expected). It does not require unrelated credentials, binaries, or configuration.
Instruction Scope: noteSKILL.md confines runtime actions to reading the provided content (paste or file path) and applying the rubric. It instructs the agent to check the prompt for pasted copy or file-path references and to use the Read tool if given a file path. This is appropriate for the task, but it does mean the agent will read any file paths the user supplies — users should avoid passing sensitive files.
Install Mechanism: okInstruction-only skill with no install spec and no code files. Nothing is downloaded or written to disk by the skill itself.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The only runtime data it needs is the content to audit and optional file read access for user-specified paths, which is proportional to the stated purpose.
Persistence & Privilege: okalways:false (default) and autonomous invocation enabled (platform default). The skill does not request persistent/system-wide privileges or modify other skills. It requires Read (and optionally Write) tools, which is coherent for reading user-supplied files and producing reports.