Back to skill
Skillv1.0.0
ClawScan security
Claw Runaway Loop Detector · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 16, 2026, 9:50 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only analyzer that is internally consistent with its stated purpose and does not request credentials, install code, or access unrelated resources.
- Guidance
- This is an instruction-only analyzer and appears coherent with its purpose. Before using it, avoid pasting secrets or private credentials into the workflow you submit for analysis because the content will be processed by the agent/model. Treat its findings as advisory — it will suggest safeguards but will not automatically enforce them. If you need automated enforcement (e.g., runtime token caps or circuit breakers), use platform-level controls or instrumented code in addition to this analyzer. If you want stronger assurance about what the skill does with your data, ask the publisher for source code or a hosted implementation detail; absence of install code here means the analysis logic is entirely driven by the SKILL.md and the model invocation context.
Review Dimensions
- Purpose & Capability
- okName and description claim to detect runaway loops in Claw workflows; the SKILL.md contains only analysis instructions for that exact task and does not request unrelated capabilities or credentials.
- Instruction Scope
- okRuntime instructions are limited to analyzing provided workflows/prompts for loop triggers, termination conditions, retries, and estimating token amplification. The SKILL.md does not instruct the agent to read system files, environment variables, or transmit data to external endpoints beyond normal model invocation.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. Nothing is written to disk or downloaded as part of the skill.
- Credentials
- okNo required environment variables, credentials, or config paths are declared or referenced in the instructions; requested access is proportionate to an analysis-only tool.
- Persistence & Privilege
- okFlags indicate default behavior (not always:true). The skill does not request persistent system-wide changes or access to other skills' configurations.