Skill v1.0.0

ClawScan security

Arc Skill Differ · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 15, 2026, 6:52 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (diffing skill versions for security-relevant changes); it requires only python3, reads files you point it at, and does not request credentials or network access.
Guidance
This tool appears coherent and appropriate for its purpose. Before running it: point it only at the skill directories you mean to inspect (it will read all files under the provided paths), and avoid scanning directories that contain unrelated secrets. Treat its results as a helpful signal — review any flagged changes manually (false positives are possible, especially when patterns appear in docs). Because it runs locally and asks for no credentials or network access, it's low-risk to run on skill copies prior to updates.

Review Dimensions

Purpose & Capability
ok: Name/description promise (compare two skill versions for security-relevant changes) aligns with what is included: a Python script that scans files and SKILL.md for patterns indicating network/credential/filesystem/code-execution/data-exfiltration/obfuscation/prompt-injection. Required binary is only python3, which is proportional.
Instruction Scope
ok: SKILL.md instructs running the included differ.py against two local directories and offers JSON/summary options. The runtime instructions only reference local paths and output formats; they do not instruct reading unrelated system state, exfiltrating data, or contacting remote endpoints.
Install Mechanism
ok: No install spec (instruction-only with an included script). Nothing is downloaded or written during install. The included script is a static Python file that is read/executed locally.
Credentials
ok: The skill declares no required environment variables or credentials. The differ.py scans code and SKILL.md for references to sensitive names (e.g., OPENAI_API_KEY), but it does not itself request or require those secrets.
Persistence & Privilege
ok: always is false and the skill does not attempt to modify agent or system-wide configuration. It runs on-demand against paths you supply.