Skillv1.0.0

ClawScan security

Court Listener Hardened · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousApr 29, 2026, 1:39 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill is coherent with its stated purpose (a statutory-interpretation guide) and has no code or credential requests, but its runtime instructions lack required safety guardrails (clear disclaimers, explicit assumptions, and limits on giving case-specific legal advice), so it could unintentionally present authoritative legal advice or overreach when used autonomously.
Guidance: This skill appears to be what it says (a statutory-interpretation guide) and has no code or credential requests, but it currently lacks safety guardrails that matter for legal content. Before installing or using it for real-world decisions, consider the following: (1) Do not treat its outputs as legal advice — require the skill to include an explicit, prominent legal-advice disclaimer and to recommend consulting a licensed attorney for case-specific guidance. (2) Require the agent to state all factual assumptions and information gaps before concluding whether a statute applies (ask for jurisdiction, dates, concrete facts). (3) Prefer versions that cite primary authorities (statute/regulation text, controlling case law) and include provenance links. (4) If you expect the agent to help with disputes or litigation, avoid relying on it for strategic or tactical instructions (those should come from lawyers). If the publisher updates SKILL.md to add these guardrails (clear disclaimer, mandatory collection/stating of facts, limits on giving case-specific strategy), re-evaluate — that would likely make the skill benign for informational use.
Findings: [guardrail-applicability-assumption-transparency] unexpected: SAFETY.md reports the skill fails the 'Applicability Assumption Transparency' guardrail: the agent may assert applicability/non-applicability of statutes without stating assumptions or information gaps. For a statutory-interpretation skill this guardrail is expected; the absence is a safety concern. [guardrail-legal-advice-disclaimer] unexpected: SAFETY.md reports the skill fails the 'Legal Advice Disclaimer' guardrail: the agent may present statutory analysis without making clear it is not authoritative legal advice and without recommending consultation with licensed counsel. For user safety this guardrail should be present in legal-analysis skills.

Review Dimensions

Purpose & Capability: okName, description, and SKILL.md content align: this is an instruction-only statutory-interpretation/reference guide. There are no binaries, installs, or unexpected environment/credential requests that would be incoherent with the stated purpose.
Instruction Scope: concernThe SKILL.md provides extensive step-by-step guidance for analyzing statutes and applying them to factual scenarios, but the included SAFETY.md shows the skill fails key guardrails: it does not reliably require the agent to (1) state factual assumptions and information gaps before concluding applicability and (2) include a proportionate legal-advice disclaimer and to avoid presenting case-specific strategy as authoritative. This increases the risk users will receive definitive legal conclusions or litigation strategy without being warned or asked for necessary facts.
Install Mechanism: okInstruction-only skill with no install spec, no downloads, and no code files — lowest-risk install profile.
Credentials: okNo required environment variables, credentials, or config paths. The skill does not request access to unrelated services or secrets.
Persistence & Privilege: okalways is false and default autonomy settings apply. The skill does not request permanent presence or system-wide config changes. No modifications to other skills or system settings are indicated.