Technical Doc Generator
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked on the wrong directory, it could read or modify more project files than intended.
The skill can inspect, modify, search, and run commands in the selected codebase. This is expected for documentation generation, but it is still broad local authority.
allowed-tools: Read, Write, Edit, Grep, Glob, Bash
Run it from a version-controlled project directory, pass an explicit path when possible, and review generated diffs before committing or sharing.
Generated docs could expose internal design or configuration details to readers who receive the documentation.
The generated documentation may persist summaries of configuration, environment variable names, architecture, database schema, and dependencies. This is aligned with the skill purpose, but those details may be sensitive if the docs are shared externally.
Configuration: [Detected from .env.example, config files, environment variables in code]
Review generated documentation for secrets, internal URLs, sensitive architecture details, and environment-specific values before publishing or sending it to clients.