Skill v1.0.2

ClawScan security

Excalidraw Diagrams for Obsidian · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Feb 23, 2026, 8:33 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The instructions, required inputs, and outputs are coherent with the stated purpose of generating Excalidraw diagrams for Obsidian and excalidraw.com; the skill requests no credentials, installs nothing, and confines actions to creating/saving diagram files with user confirmation.
Guidance
This skill appears coherent and low-risk: it only generates Excalidraw JSON and can save files in Obsidian or .excalidraw format. Before installing or using it, consider: (1) verify the skill asks you before writing and before overwriting files and only grant filesystem access to directories you control; (2) confirm which output mode you want (Obsidian .md vs .excalidraw) so formatting rules are applied correctly; (3) review the generated file content before opening in third-party apps if provenance matters — the skill references public project URLs but the registry entry has no homepage, so you may want to confirm the author/source separately; (4) because the skill can write files, avoid giving it elevated or system-level write permissions. Overall there are no mismatches between what it claims and what it requests.

Review Dimensions

Purpose & Capability
ok
The name/description match the SKILL.md: it describes generating Excalidraw JSON and packaging it for Obsidian or excalidraw.com. No unrelated binaries, environment variables, or config paths are requested. The referenced 'source' strings point to expected Excalidraw/Obsidian project URLs and are consistent with the purpose. (Note: the registry metadata lists no homepage/source provenance, but that is a provenance/traceability issue rather than an incoherence with capability.)
Instruction Scope
ok
Runtime instructions are narrowly scoped to analyzing user content, producing Excalidraw JSON, asking the user for output mode and file path, checking for existing files, and saving only after explicit confirmation. The skill does not instruct the agent to read unrelated files, environment variables, or external endpoints. It does require filesystem access to check/save files — which is expected and explicitly gated by asking the user before writing.
Install Mechanism
ok
No install spec and no code files are present (instruction-only). This is the lowest-risk model: nothing is downloaded or written by an installer step.
Credentials
ok
No environment variables, credentials, or config paths are requested. The lack of secret access is proportional to the described functionality.
Persistence & Privilege
ok
'always' is false and the skill does not request persistent system-wide privileges or attempt to modify other skills. It does perform file creation when explicitly asked, which is appropriate for its function.