Skill v1.0.0

ClawScan security

Session Summary · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Mar 16, 2026, 4:16 PM
Verdict: Review
Confidence: high
Model: gpt-5-mini
Summary
The skill's description says it will collect session context and save summaries into an Obsidian vault, but the included instructions and script do not perform those actions and instead use hard-coded, fabricated data and paths — this mismatch is concerning.
Guidance
Do not assume this skill will actually save summaries to your Obsidian vault: the README says it will, but the included script only prints a summary made from hard-coded, fabricated session data and does not write files. The script also embeds a specific user path (/mnt/c/Users/milky/...), which is unexpected and should be configurable (not hard-coded). If you consider using this skill, ask the author to: 1) implement actual collection of real session context, 2) implement explicit, documented file-write behavior that asks for or uses a configurable vault path (don't hard-code a user path), 3) request only the minimal required permissions or environment variables, and 4) show a preview of the content to be written and require user confirmation before writing to your vault. Right now the mismatch between description, instructions, and code makes the package suspicious rather than clearly benign.

Review Dimensions

Purpose & Capability
Concern: The skill claims to save session summaries to an Obsidian vault, but it declares no configurable vault path, no required config, and no credentials. The shipped script contains a hard-coded Windows/WSL vault path (/mnt/c/Users/milky/...) rather than using a declared config or asking the user — that is disproportionate and user-specific.
Instruction Scope
Concern: SKILL.md says the skill will 'collects session context' and 'saves to Obsidian 10_Daily folder'. The provided script does neither: it does not collect runtime session context, does not write files to disk, and instead prints a summary generated from hard-coded sessionData. The instructions and implementation contradict each other.
Install Mechanism
OK: There is no install spec and no network/downloads. The skill is instruction-only with a small local script; this is low-install risk.
Credentials
Concern: The skill requests no environment variables or credentials, which is good, but it embeds a user-specific absolute path for an Obsidian vault. That hard-coded path is a privacy concern and indicates the skill expects access to the user's filesystem without declaring it or providing configuration.
Persistence & Privilege
OK: The skill is not marked 'always' and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide settings.