Clawhub Publish Security

The skill is a legitimate security utility designed to scan local directories for sensitive information (API keys, passwords, phone numbers) before publication to ClawHub. The core logic in `security-scan.py` uses regular expressions to identify potential leaks and provides remediation advice without any network activity, data exfiltration, or persistence mechanisms. The documentation (SKILL.md, README.md, and VETTING_REPORT.md) is transparent, consistent with the tool's defensive purpose, and contains no malicious instructions or prompt-injection attempts.