Skill v1.0.0
ClawScan security
MissionCore AI - Give It a Goal, It Executes Relentlessly · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 6, 2026, 8:01 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's behavior mostly matches its description, but it writes logs to a parent-directory path (../logs/journal.log) that isn't declared or explained — an unexpected filesystem side-effect that could escape the skill's sandbox.
- Guidance
- This skill is mostly coherent with its stated purpose, but the logger writes to ../logs/journal.log — a parent-directory file path not mentioned anywhere. Before installing or enabling this skill: 1) review and, if needed, modify logger.py to write only inside a safe, sandboxed directory (e.g., a skill-local logs/ folder), 2) ensure the agent runtime restricts filesystem writes (so the skill can't write to arbitrary parent paths), 3) consider whether you want an autonomous, single-goal executor (the SKILL.md emphasizes ignoring distractions and relentless execution), and 4) run the skill in a controlled environment first and audit the created log file for unexpected data. If you want, I can produce a patched logger that writes to a configurable, sandboxed path and update the SKILL.md to document the logging behavior.
Review Dimensions
- Purpose & Capability
- ok: Name/description (turn AI into a mission executor) aligns with the provided code and SKILL.md: mission planning, task execution, self-correction and progress tracking are implemented in small modules.
- Instruction Scope
- concern: SKILL.md describes execution behavior but does not mention logging or file writes. The bundled code (logger.py) appends to ../logs/journal.log (a parent-directory path), which is outside the skill package and is not declared in the instructions — this is scope creep and a potential sandbox escape vector.
- Install Mechanism
- ok: No install spec (instruction-only plus small Python modules). Nothing is downloaded from external URLs; no third-party packages or install scripts are present.
- Credentials
- ok: The skill requests no environment variables, credentials, or config paths. The lack of secrets is proportionate to the stated purpose.
- Persistence & Privilege
- note: always is false and the skill does not request elevated platform privileges, but it does persistently append to a filesystem path outside its own directory. That file-write behavior gives it durable presence (journal entries) across runs and could be abused if the runtime's file permissions are broad.
