Skill v1.0.0

ClawScan security

Generate Fractional Cfo Firm Client Education Handout · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 9:22 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only skill that is internally consistent with its stated purpose (generating client education handouts) and does not request credentials, installs, or unusual system access.
Guidance
This skill appears coherent and low-risk: it only provides instructions for producing handouts and does not request credentials or installs. Before installing or using it, consider the following:
(1) Do not supply confidential client PII or sensitive financial data to the skill or the underlying image/chat generation APIs unless you trust their handling and retention policies.
(2) Review all generated content (especially financial claims, regulatory language, or advice) before publishing — the skill explicitly advises review but you should enforce it.
(3) Check image-generation licensing and usage rights for any visuals produced.
(4) If you are uncomfortable with broad tool permissions, ask the author to remove the unused 'Bash' allowed-tool entry so the agent cannot execute shell commands while running this skill.
(5) Verify the skill source/homepage if provenance matters to your organization.

Review Dimensions

Purpose & Capability
ok · The name and description (create a polished explainer handout with visuals, FAQs, and next steps) align with the skill contents. No environment variables, binaries, or install steps are requested that would be unrelated to producing handouts.
Instruction Scope
note · SKILL.md stays on-task: clarify audience, draft content, use chat and image_generation capabilities, and refine output. One minor note: allowed-tools lists 'Bash' and 'Read' though the instructions do not require shell access; this is not currently exploited by the document but is an unnecessary tool permission that could be removed to tighten scope.
Install Mechanism
ok · No install spec; the skill is instruction-only so nothing is written to disk or installed. This is the lowest-risk pattern.
Credentials
ok · The skill requires no environment variables, credentials, or config paths. That is proportionate for a content-generation handout.
Persistence & Privilege
ok · Defaults are used (always: false, autonomous invocation allowed). There is no request for permanent presence or modification of other skills/config; privileges are appropriate for a content-generation skill.