Back to skill
Skillv0.1.0
ClawScan security
Codebase Documenter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMay 1, 2026, 4:56 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5.5
- Summary
- This appears to be a documentation-template skill with no evidence of hidden network access, credential use, persistence, or unsafe code behavior.
- Guidance
- This skill looks safe to use for drafting codebase documentation. As with any documentation helper, avoid pasting secrets such as API keys, passwords, or private tokens into generated examples or project docs.
Review Dimensions
- Purpose & Capability
- okThe artifacts align with the stated purpose of helping write README, architecture, API, and code-comment documentation.
- Instruction Scope
- okThe instructions provide writing guidance, templates, and documentation workflow advice without goal override, deceptive prompts, or unsafe autonomous actions.
- Install Mechanism
- okThere is no install spec, no required binaries, no required environment variables, and the included JavaScript file is a small stub rather than an installer or downloader.
- Credentials
- okReviewing code structure is proportionate for a codebase documentation skill, and the artifacts do not request broad system, credential, or network authority.
- Persistence & Privilege
- okNo background service, persistence mechanism, privileged configuration, credential store access, or long-running worker is shown in the artifacts.