Back to skill
Skillv1.0.0
ClawScan security
Ax Development · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 6, 2026, 11:02 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only guidance skill (AX development) whose content matches its name and requests no credentials, installs, or privileged access — it is internally coherent and low-risk.
- Guidance
- This skill is an instruction-only AX development guide and appears coherent with its stated purpose. It does not request credentials or install code, so it is low-risk to add. Before adopting it as policy, review the content yourself (source and homepage are unknown) to ensure the conventions match your project and security policies. If you allow agents to invoke skills autonomously, be aware this skill is just guidance and cannot itself perform actions — but consider restricting autonomous invocation of other skills that implement these patterns until you've audited them.
Review Dimensions
- Purpose & Capability
- okThe name/description (Agent Experience framework) aligns with the provided SKILL.md and reference doc: both are developer guidance about deterministic design, machine-readable contracts, CLI patterns, and tests. No unrelated capabilities or secrets are requested.
- Instruction Scope
- okThe SKILL.md is purely prescriptive guidance for authors and CLI designers and does not instruct the agent to read or exfiltrate files, call external endpoints, or access environment variables. It suggests best practices (e.g., co-locate docs, JSONL output) but contains no runtime directives that would expand scope beyond documentation.
- Install Mechanism
- okNo install spec or code is included; this is instruction-only. Nothing will be written to disk or fetched during install by the skill itself.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. The guidance references using exit codes/JSONL in CLIs, which does not imply any secret access by the skill itself.
- Persistence & Privilege
- okalways is false and model invocation is allowed (the platform default). The skill does not request persistent presence or system-wide changes. No indications it would modify other skills or agent configuration.