Back to skill
Skillv0.1.0
ClawScan security
Double Check Article · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 23, 2026, 7:01 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- An instruction-only Chinese proofreading skill whose declared purpose matches its runtime instructions and that does not request credentials, install anything, or access files—internally coherent and proportionate.
- Guidance
- This skill is an instruction-only Chinese proofreading tool and appears internally consistent. Before installing, keep in mind: (1) any text you submit to the skill will be processed by the agent (and therefore handled by whatever LLM/service your agent uses), so do not submit sensitive or confidential material unless you trust that provider; (2) automated corrections are suggestions — review edits to ensure they preserve intended meaning and facts; (3) if you later see unexpected requests for credentials, file access, or network calls, do not install or revoke access and investigate further.
Review Dimensions
- Purpose & Capability
- okName and description (Chinese article proofreading, typo/expressions/suggestions) match the SKILL.md instructions. No unrelated binaries, env vars, or config paths are requested.
- Instruction Scope
- okSKILL.md confines itself to three proofreading steps (typo correction, expression review, improvement suggestions). It does not instruct the agent to read system files, environment variables, or send data to external endpoints beyond normal model usage.
- Install Mechanism
- okNo install spec and no code files are present (instruction-only). Nothing is written to disk or downloaded by the skill itself.
- Credentials
- okThe skill requests no environment variables or credentials; the requested privileges are proportionate to a text-processing proofreading tool.
- Persistence & Privilege
- okalways is false and there is no indication the skill persists configuration or modifies other skills. Autonomous model invocation is allowed by platform default but not a concern here by itself.