Skillv1.0.0

ClawScan security

Relationship science coach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 29, 2026, 7:30 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files, runtime instructions, and requirements align with a relationship-coaching assistant and do not request unrelated credentials or risky installs.
Guidance: This skill appears internally consistent with its stated purpose and does not request credentials or network installs. Before installing, consider: 1) Source provenance — the package has no homepage and the source is listed as unknown; if you need guarantees about provenance or liability, ask the provider for a repository link or authorship verification. 2) Review of code if possible — optional Python scripts are included (intake_router, intervention_selector, session_plan, worksheet_builder, etc.); if you plan to run the scripts locally, scan them for any unexpected I/O or network behavior (the SKILL.md says they require no network access). 3) Licensing — the skill is marked "Internal-use-only; see LICENSE.txt"; check the license terms to ensure they match your intended use. 4) Scope and expectations — this is coaching, not therapy/medical/legal advice; it intentionally redirects high-risk or clinical cases to professionals. If you want stronger assurances (e.g., provenance, third-party audit), request the upstream repository or a signed provenance statement from the publisher before adoption.

Review Dimensions

Purpose & Capability: okName, description, SKILL.md, and included reference materials all describe practical relationship coaching. The skill declares no binaries, no environment variables, and no network installs — which is proportionate for a coaching skill. Having Python helper scripts is reasonable for optional local tooling and matches the SKILL.md note about optional Python 3.9+ scripts.
Instruction Scope: okThe SKILL.md gives focused runtime instructions: triage for safety flags, give concrete coaching, and redirect only for clear hard-safety/legal/medical cases. It does not instruct the agent to read unrelated system files, exfiltrate secrets, or call external endpoints. The silent safety-scan of user messages and use of local reference files is coherent for the stated purpose.
Install Mechanism: okNo install spec is provided (instruction-only deployment). The repository does include optional Python scripts but the SKILL.md explicitly states they are optional helper scripts requiring Python 3.9+ and no network access. There are no downloads, brew/npm installs, or external URLs in the manifest that would raise install-related flags.
Credentials: okThe skill requests no environment variables, no credentials, and no config paths. That is appropriate for a coaching skill that uses only included references and local scripts.
Persistence & Privilege: okThe skill is not marked always:true and uses default agent invocation behavior. It does not request elevated or persistent system privileges in the metadata. Autonomous invocation is enabled by default (platform normal), and nothing else in the manifest indicates it will modify other skills or system-wide settings.