Back to skill
Skillv1.0.0
ClawScan security
build-brand-design-faq-page · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 23, 2026, 4:03 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: it's an instruction-only FAQ content generator for brand design, and it does not request credentials, install software, or access unrelated system resources.
- Guidance
- This skill appears safe and coherent for drafting brand-design FAQs. Before using it in production: review generated content for factual accuracy and brand compliance, avoid feeding or exposing any sensitive or proprietary data to the tool, and be aware that web_search may fetch external content (check that those results are acceptable for your use). If you plan to connect the skill to internal systems or provide it with organization credentials later, re-evaluate scope and permissions at that time.
Review Dimensions
- Purpose & Capability
- okName and description match the declared behavior. The SKILL.md describes drafting FAQ answers for brand/design audiences and references chat and web_search which are appropriate for content generation and background research. No unrelated binaries, env vars, or config paths are requested.
- Instruction Scope
- okRuntime instructions are limited to clarifying audience, producing a first draft, enriching with SkillBoss capabilities, and refining output. The instructions do not direct the agent to read arbitrary local files, access credentials, or transmit data to unexpected endpoints. They explicitly advise reviewing outputs before publishing.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. This minimizes disk writes and avoids executing downloaded code.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. Its use of chat and web_search is proportionate to generating FAQ content; there are no requests for unrelated secrets.
- Persistence & Privilege
- okalways is false and there are no special persistence requirements. The skill does not request to modify other skills or system-wide settings. Autonomous invocation is allowed by default (normal for skills) but not elevated.