Skill v1.0.0

ClawScan security

Evolver · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Apr 7, 2026, 5:57 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's description matches its instructions (make the agent 'self-evolving' and relentless), but it asks the agent to permanently change its behavior and autonomously execute actions without declaring where it will store those changes or what permissions it needs — that mismatch and the open-ended execution instructions are concerning.
Guidance
This skill tells your agent to permanently change how it behaves and to run autonomously and repeatedly, but it doesn't say where it will store those changes or what limits exist. Before installing:
1) Ask how and where 'Evolution Logs' and permanent rules will be stored (platform memory, files, external service).
2) Confirm how to stop, review, or revert behavioral changes and whether a human must approve certain actions.
3) Test in a safe environment first (no access to important accounts or real financial systems).
4) Prefer skills that explicitly declare required permissions, storage locations, and safeguards.
If the publisher can't explain persistence and safety controls, treat this as risky and avoid granting it broad autonomous execution.

Review Dimensions

Purpose & Capability
concern: The skill's stated purpose (make the agent self-improving and relentlessly execute missions) aligns with the SKILL.md content. However, the behavior it requires — creating persistent 'Evolution Log' entries and turning repeated lessons into 'permanent rules' — implies persistent storage and a capability to modify agent behavior across sessions. The skill declares no config paths, storage, or permissions for persistence, which is inconsistent and unexplained.
Instruction Scope
concern: The instructions are broad and grant the agent wide discretion: 'Execute Ruthlessly', 'use tools efficiently', 'repeat until mission complete', and auto-create/update behavioral rules. They direct autonomous, iterative action and permanent rule changes without describing safety boundaries, allowed actions, or how to stop/rollback changes. This open-ended scope can lead to unexpected or undesired operations.
Install Mechanism
ok: Instruction-only skill with no install or code files. This minimizes installation-time risk because nothing is downloaded or written during install.
Credentials
note: The skill requests no environment variables, credentials, or external endpoints — which is good from a secrets-exfiltration perspective. However, the requirement to store logs and make behavior permanent implies some form of persistent storage (memory, files, or external service). The absence of any declared storage access or config path is suspicious and leaves unanswered where evolution data will be kept.
Persistence & Privilege
concern: Although the skill is not marked always:true, it instructs the agent to create persistent rules and continually evolve itself. With normal autonomous invocation allowed, this creates a meaningful persistence/privilege risk: the agent could change its own behavior across sessions without explicit user oversight, and the skill provides no guidance on where or how evolution data is persisted or how to revert changes.