Skill v1.0.0
ClawScan security
Context Slimmer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:44 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (audit and produce slimming recommendations) mostly matches the included script, but the SKILL.md promises richer automated recommendations/savings than the script actually produces, and there are small usability bugs and scope details that don't add up.
- Guidance: This skill is low-risk code-wise (no network calls, no credentials), but it is incomplete and slightly inconsistent with its own documentation. Before installing or running it: (1) review the script to confirm it only examines files you want checked; it reads the workspace path you supply (or the current directory) and will print counts/flags for those files; (2) don't run it pointed at sensitive directories unless you intend to scan them; (3) note the script does not produce the detailed move/remove/compress recommendations or projected savings promised by SKILL.md — you'll need to produce those recommendations yourself (or pair the output with manual review or an LLM prompt); (4) be aware the CLI usage in the README is slightly mismatched with the script's argument parsing (the script treats the second positional argument as the workspace), so test it in a safe directory first. If you expect fully automated slimming recommendations, request an updated script that computes per-file projected sizes and explicit move/remove/compress suggestions and that documents correct argument usage.
Review Dimensions
- Purpose & Capability (note): The skill claims to audit always-loaded context files and reduce token footprint; the provided scripts/measure.sh measures file sizes, approximates tokens, flags over-target files, and runs a light duplicate/verbosity checklist — which aligns with the stated purpose. However, SKILL.md promises a full 'report' with projected sizes, savings per file, and concrete move/remove/compress recommendations. The script does not compute projected sizes or per-file savings, and does not generate concrete move/remove/compress suggestions, so the delivered capability is weaker than claimed.
- Instruction Scope (concern): SKILL.md instructs running scripts/measure.sh (with --audit and --workspace flags). The script reads the listed files from the workspace and prints checks — no network I/O — which is expected. Concerns: (1) the script's argument handling is inconsistent with the Quick Start: it inspects $1 for --audit and treats $2 as WORKSPACE, so the documented '--workspace /path' usage may not behave as expected; (2) SKILL.md promises automated slimming recommendations, but the script only emits counts/flags and limited duplicate-detection info, not move/remove/compress recommendations; (3) the script will read files from whatever directory is passed (or the current working directory), so running it against an unintended path could examine different files. None of these are inherently malicious, but they are functional mismatches and a small user-safety concern.
- Install Mechanism (ok): No install spec; the skill is instruction-only with a small local bash script. No downloads or external installers are used, which minimizes install risk.
- Credentials (ok): The skill requests no environment variables, no credentials, and no config paths. The script only reads files in the provided workspace path — this matches the stated purpose and is proportionate.
- Persistence & Privilege (ok): The skill is not always-loaded and uses default agent-invocable behavior. It does not request permanent presence or modify other skills or system-wide settings.
