Back to skill
Skillv2.0.2
ClawScan security
格鲁夫 Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 11, 2026, 8:05 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only, persona-style skill that provides Andy Grove–inspired management advice; its claimed purpose matches what it requires and it does not request extra system access or installs.
- Guidance
- This skill is a content-only persona that gives Andy Grove–style management advice and is internally coherent. It does not request secrets or install code, so risk from direct system access is minimal. Before relying on its recommendations: remember the skill is an interpretive distillation (not authored by Andy Grove), validate important decisions with domain experts, and be aware any AI-generated advice can hallucinate specifics or overgeneralize to your context.
Review Dimensions
- Purpose & Capability
- okName/description (Grove management distillation) align with the SKILL.md content: persona, heuristics, OKR guidance and AI-era adaptations. There are no unrelated requirements (no env vars, binaries, or config paths).
- Instruction Scope
- okSKILL.md contains only textual guidance, heuristics, examples and persona instructions. It does not instruct the agent to read files, access environment variables, call external endpoints, or perform system actions outside the stated purpose.
- Install Mechanism
- okNo install spec and no code files. Instruction-only skills are low-risk because nothing is written to disk or fetched at install time.
- Credentials
- okThe skill requires no credentials, environment variables, or config paths; requested access is proportional (none) to its textual advisory purpose.
- Persistence & Privilege
- okalways is false and autonomous invocation is platform-default; the skill does not request permanent/system-wide privileges or modify other skills' configs.