Skill v1.0.0

ClawScan security

de-ai-flavor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 24, 2026, 1:32 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
This is an instruction-only Chinese style-editing skill that is internally consistent with its stated purpose, but it will read and overwrite files and expects git for showing diffs (though it doesn't declare git as a requirement).
Guidance
This skill is coherent for editing Chinese Markdown to remove AI-sounding phrasing, but note:
1) it reads and writes files in-place; back up the file or run it on a copy if you want to avoid accidental overwrites;
2) the SKILL.md says it will show a git diff, but it does not declare git as required; ensure the file is in a git repo or that git is installed, otherwise the diff step may fail or the edit flow may be different;
3) the instructions apply changes before displaying the diff (ambiguous), so confirm with the developer or test on a copy first;
4) review suggested edits carefully, since automated rephrasing can change nuance or technical meaning.
If you need safer behavior, ask the author to change the flow to 'show proposed edits and ask for confirmation before modifying files.'

Review Dimensions

Purpose & Capability
ok: The name/description (remove 'AI' translationese from Chinese text) matches the instructions: the skill reads a Markdown file, detects translationese patterns, suggests edits, and writes modifications. It does not request unrelated credentials or system access.
Instruction Scope
concern: The SKILL.md instructs the agent to read an arbitrary file path and to '直接修改文件' (modify the file in-place) and then '显示 diff' (show the diff) using git diff. That means the skill will perform filesystem writes without an explicit confirmation step before applying changes (the doc shows diff after applying), and it assumes git is available although no binaries are declared. These behaviors are coherent with a file-editing tool but can lead to unexpected overwrites if the user expects a preview-before-write.
Install Mechanism
ok: No install spec (instruction-only). No code is installed or downloaded, so there's no installation risk from external URLs or packages.
Credentials
ok: The skill requests no environment variables, credentials, or config paths, which is proportional to a local file-editing tool. It does not attempt to exfiltrate data or call external services in the instructions.
Persistence & Privilege
ok: 'always' is false and the skill does not request persistent/system-wide privileges. Autonomous invocation is allowed (platform default) but is not combined with other concerning privileges or credential access.