Skill v1.1.1
ClawScan security
Korean Document Reviewer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 13, 2026, 2:22 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent with its stated purpose (Korean business document review): it is instruction-only, requests no credentials or unusual installs, and its workflow (OCR → extraction → cross-validation) matches the description.
- Guidance
- This skill appears coherent and aligned with its stated purpose, but before installing consider the following: (1) It processes and extracts sensitive PII (business registration numbers, bank account numbers, representative names). Ensure your platform's workspace, logs, and inter-agent messaging are secure and that you are comfortable with these data being stored in reviews/REV-... JSON files. (2) The workflow uses sessions_spawn to run Sonnet sub-agents and a specific model name; verify that your environment supports that model and that you trust agent-to-agent communications and any third-party LLM endpoints. (3) The skill suggests sending chat summaries to channels like Discord — confirm you will not accidentally forward sensitive data to external chat integrations. (4) No credentials are requested by the skill itself, which is good; nevertheless, treat all extracted outputs as sensitive data and enforce appropriate access controls and retention policies. If you need higher assurance, request the publisher/source, or run the skill in an isolated environment with test/redacted documents first.
Review Dimensions
- Purpose & Capability
- ok: The name/description (Korean business document review) matches the instructions and reference checklists. Required capabilities (OCR, PDF→image conversion, per-document checklists, JSON output) are exactly what the skill documents ask for. There are no unrelated credentials, binaries, or external services required.
- Instruction Scope
- note: Runtime instructions focus on converting PDFs to images, running OCR, extracting fields, and cross-validating across documents — all within the stated purpose. It explicitly recommends spawning Sonnet sub-agents (sessions_spawn) and instructing them to read image paths and return JSON. This is expected for distributed processing, but it means sensitive PII (사업자등록번호, 계좌번호, 예금주 등) will be handled and transmitted between agent sessions; users should confirm that agent-to-agent communications and workspace storage meet their privacy/security requirements.
- Install Mechanism
- ok: No install spec and no code files — instruction-only. The only external command referenced is pdftoppm (standard PDF→image utility), which is proportional to PDF processing. No downloads, third-party installs, or unusual package pulls are present.
- Credentials
- ok: The skill declares no required environment variables, credentials, or config paths. The fields and data it extracts are sensitive by nature (IDs, account numbers), but these are appropriate for the review task and are not requested as environment secrets.
- Persistence & Privilege
- note: always:false and no requests to modify other skills or system configs. The skill instructs spawning of sub-agents (autonomous child sessions) and saving JSON results to a workspace path (reviews/REV-...). Spawning sub-agents is consistent with the distributed workflow but expands the operational surface (more sessions will process sensitive data).
