Skill v1.0.1

ClawScan security

SageMaker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 15, 2026, 9:06 PM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions, file usage, and lack of requested credentials or installs are consistent with a local 'agent memory' helper; no clear mismatches were found, but some operational ambiguities merit caution.
Guidance
This skill is internally consistent with a local agent memory management helper and doesn't request credentials or installs. Before enabling it:
1) Confirm where the agent will read/write the memory/ and governance files (workspace root vs system paths) so sensitive data isn't stored unexpectedly.
2) If an installer (scripts/install.ps1) is ever bundled, inspect the script before running it — do not run PowerShell scripts from untrusted sources or with execution-policy bypass.
3) Decide retention and privacy rules for stored memories (they can contain sensitive info).
4) If you expect the skill to integrate across multiple agents or systems, request details on access controls.
If those questions are answered satisfactorily, the skill appears safe to use.

Review Dimensions

Purpose & Capability
ok: The name/description describe a layered memory system and the SKILL.md only asks the agent to create/read/update local memory files and governance documents (memory/, self-model.md, etc.), which is coherent with the stated purpose.
Instruction Scope
note: Instructions stay within the memory/ and governance-file scope and prescribe promotion rules, gating, and pre/post task behavior. They do reference optionally running skills/SageMaker/scripts/install.ps1 if present; the skill bundle currently has no scripts, so there is no immediate executable action. The SKILL.md does not explicitly constrain the root workspace for the memory/ paths, so where files will be created/read is ambiguous and worth confirming.
Install Mechanism
ok: No install spec or bundled code is present (instruction-only), so nothing will be written or downloaded by default. The doc mentions an optional PowerShell installer if bundled; because no install script is included, there is no install-time risk in this package as provided.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. Its file-read/write behavior is proportionate to a memory-management helper.
Persistence & Privilege
note: always:false and standard autonomous invocation are used. The skill expects persistent files (memory/...), which is appropriate for a memory OS, but you should confirm the intended storage location and retention policy before use. There is no request to modify other skills or system-wide settings.