Back to skill
Skillv0.1.0
ClawScan security
Arya Model Router · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 11, 2026, 8:58 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions are coherent with a local model-routing/briefing helper: it runs locally, reads/writes only its own files, and does not request credentials or external network access.
- Guidance
- This skill appears to be a straightforward local model router: it reads rules.json and state.json and prints a JSON decision; it does not call external services or request secrets. Before installing, consider: 1) confirm the small metadata mismatch (SKILL.md declares bash + python3) and ensure python3 is available; 2) note the skill will write state.json inside the skill folder so feedback commands persist and slightly auto-tune thresholds over time; 3) the router only 'suggests' spawning sub-agents — make sure your agent's sessions_spawn or sub-agent mechanism enforces your privacy and does not send sensitive context to external models/services you don't control. If you are comfortable with those points, the skill is coherent and low-risk.
Review Dimensions
- Purpose & Capability
- noteThe name/README/SKILL.md describe a local model router and the included Python scripts implement that behavior. Minor inconsistency: the SKILL.md metadata lists required binaries (bash, python3) while the registry summary showed no required binaries — this is a small metadata mismatch but does not change functionality.
- Instruction Scope
- okRuntime instructions tell the agent to run router.py and optionally brief.py, to interpret the JSON output and (conceptually) spawn sub-agents. The scripts operate on provided text and local rule/state files only and do not read unrelated system files or environment variables.
- Install Mechanism
- okNo install spec is present (lowest installer risk). The skill includes code files that will run locally; there are no downloads, external installers, or archive extraction steps.
- Credentials
- okNo environment variables, credentials, or external tokens are required. The code only reads/writes its own rules.json and state.json in the skill directory.
- Persistence & Privilege
- okThe skill persists minimal state (state.json) in its own folder to store mode/feedback and last decision. always is false and the skill does not modify other skills or system-wide configurations.