Back to skill
Skillv1.0.0
ClawScan security
chat-skill- project · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 11, 2026, 8:45 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is a simple, self-contained chat skill that maps numeric inputs to preset replies; the code and instructions match the description and request no credentials, network access, or unusual installs.
- Guidance
- This skill is minimal and appears safe: it runs locally, reads user input, and returns preset responses with no network or secret access. If you plan to use it, verify the source if you require provenance, and remember it only provides very basic canned replies (no advanced conversational features).
Review Dimensions
- Purpose & Capability
- okThe skill name/description (simple chat responding to numeric input) matches the provided files: chat_skill.py implements the exact mappings and SKILL.md documents how to run it. No unrelated capabilities are requested.
- Instruction Scope
- okSKILL.md instructs running python chat_skill.py and interacting via stdin. The instructions do not ask the agent to read unrelated files, access environment variables, or transmit data externally.
- Install Mechanism
- okThere is no install spec. The repo contains a tiny Python script and an empty requirements.txt; nothing is downloaded or written to disk beyond the provided files.
- Credentials
- okNo environment variables, credentials, or config paths are required. The skill's functionality does not justify any secrets or external credentials.
- Persistence & Privilege
- okThe skill is not marked always:true and does not request elevated persistence or modify other skills or agent-wide settings.