Skill v0.1.0

ClawScan security

Skill Preflight Bootstrap · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 6, 2026, 10:01 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files, runtime instructions, and requested capabilities are coherent with its stated purpose of bootstrapping a repo-level 'skill preflight' workflow; nothing requests unrelated credentials or global changes, though it does run local file writes and optionally invokes npx at runtime for remote searches.
Guidance
This skill appears to do what it says: it will copy scripts and docs into the target repository and merge project-level hook settings. Before running: 1) use `--dry-run` to preview changes; 2) inspect the bundled scripts (they are included) to confirm you accept the writes and merge behavior; 3) be aware that running the included skill-preflight will scan ~/.codex, ~/.agents, and ~/.claude (read-only) and may call `npx -y skills find`, which fetches and executes code from npm — only run remote searches if you trust that network action; 4) if you run with `--force` it will overwrite existing template files, so back up important files first. No secrets or cloud credentials are requested by the skill itself.

Review Dimensions

Purpose & Capability
ok · Name/description match the included scripts and documents: the bootstrap script copies scaffold files, merges project-level hook settings, and appends an AGENTS.md fragment. The files present (Python and shell) are appropriate for this repo-bootstrap purpose. Minor note: the tooling expects Python and (optionally) npx to be available at runtime, but the registry metadata declares no required binaries.
Instruction Scope
note · SKILL.md and the scripts stay within project-level bootstrapping scope. The included skill-preflight.py will scan both project and user-level skill directories (~/.codex, ~/.agents, ~/.claude) when searching local skills (read-only), and will invoke an external search via `npx -y skills find` when `--remote` is used (or when no local match is found). These behaviors are consistent with the stated purpose but do involve reading user home skill directories and executing a network-installed npm tool.
Install Mechanism
note · No install specification (instruction-only), and the scaffolded files are bundled in the skill, so static install risk is low. However, runtime behavior includes calling `npx -y skills find`, which will fetch and run code from the npm ecosystem; that is a network operation and executes third-party code at runtime (expected for remote skill discovery, but worth noting).
Credentials
ok · The skill declares no required environment variables or credentials. Hooks reference CLAUDE_TOOL_OUTPUT to inspect tool output (a non-secret runtime variable common in agent environments). The scripts read user skill directories for discovery, which is proportional to finding local skills; they do not request unrelated secrets or cloud credentials.
Persistence & Privilege
ok · `always` is false and the skill does not demand permanent/global privileges. The bootstrap writes project-level files and merges project-level settings only. It does not modify other skills' configurations beyond per-project settings or the project's AGENTS.md.