Skill v1.1.0

ClawScan security

Reinforced Thinking Mode · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 12, 2026, 6:46 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's required resources and instructions are consistent with its stated purpose (multi-round, file-backed thinking); it makes no disproportionate credential or install requests, but some runtime vagueness (web/search behavior, file retention) merits caution.
Guidance
This skill appears internally consistent for its stated goal of enforced multi-round thinking. Before installing or enabling it, consider: (1) it will write problem.md and round_*.md files in a working directory and then delete intermediate files — ensure the agent environment's file access and deletion behavior meets your data-retention and compliance needs; (2) the SKILL.md's 'search immediately' instruction is vague and may cause the agent to perform web searches or use networked tools — if you want to restrict network calls, enforce those limits at the agent/runtime level; (3) the skill does not request credentials or installs, but its freedom to 'choose angle' and re-run rounds gives it broad behavioral discretion — review outputs and final_report.md before allowing automatic deletion if you need to retain an audit trail; (4) small textual ambiguities (typo in cleanup) mean you should test with non-sensitive data first. If you want a stricter security posture, restrict network access for this skill, sandbox the working directory, and require human approval before deleting files or before the agent synthesizes/publishes final outputs.

Review Dimensions

Purpose & Capability
ok: Name/description (multi-round independent thinking) match the SKILL.md: it prescribes creating a working directory, writing problem.md, producing round_X.md files, synthesizing a final report, and deleting intermediates. No unexpected credentials, binaries, or installs are requested.
Instruction Scope
note: Instructions describe explicit file I/O (create/read/write/delete problem.md and round_{n}.md), which is coherent for the purpose. However, the guidance 'Uncertain facts → Search immediately' is vague about what search mechanisms/endpoints to use (web search, internal tools, or asking the user). The SKILL.md also gives broad discretion about choosing angles and early-termination thresholds; these are functional but open-ended. There's a minor textual typo in the cleanup section that slightly reduces clarity.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files, the lowest-risk delivery method. Nothing is downloaded or written by an installer.
Credentials
ok: No environment variables, credentials, or config paths requested. The skill does not ask for unrelated secrets or platform tokens.
Persistence & Privilege
ok: always:false and no persistent installation. The skill writes and then deletes local files in a working directory; it does not request to modify agent/system configuration or other skills. Autonomy is allowed by default but not elevated by special privileges.