Back to skill
Skillv1.0.0
ClawScan security
vasp-input-generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 13, 2026, 12:47 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose of generating VASP input files and do not request unrelated credentials, network access, or elevated privileges.
- Guidance
- This skill appears coherent and safe for generating VASP INCAR/KPOINTS/POSCAR.template files. Before running: (1) review generated INCAR/KPOINTS values (k-point estimation is simplistic and parameters may need tuning for your system), (2) remember POTCAR must be assembled separately from licensed pseudopotential files (the tool does not create POTCAR), and (3) run the script in a directory you control because it will write files to the chosen output directory. If you rely on strict provenance, inspect the bundled script source (scripts/generate_vasp_inputs.py) yourself—there are no network calls or hidden behaviors, but always validate parameters before launching expensive VASP runs.
Review Dimensions
- Purpose & Capability
- okName/description (VASP input generation) align with the included Python script and reference file. The script only generates INCAR, KPOINTS, and a POSCAR.template and documents that POTCAR must be created separately.
- Instruction Scope
- okSKILL.md and the script confine actions to generating local input files. The script only reads an optional user-supplied POSCAR path and writes outputs to the chosen output directory; it does not access external endpoints, unrelated system files, or environment variables.
- Install Mechanism
- okNo install spec or external downloads—this is an instruction-only skill with a bundled script. Nothing is fetched from the network or extracted to arbitrary locations.
- Credentials
- okThe skill declares and requires no environment variables, credentials, or config paths. The script does not attempt to read secrets or unrelated config.
- Persistence & Privilege
- okThe skill does not request persistent/always-on presence and does not modify other skills or system-wide settings.