Skillv1.0.0

ClawScan security

技术解释器（当你发来一句或一段包含技术名词的文本时，自动识别其中的专业术语，用"是什么 → 解决什么问题 → 通俗比喻"的三步法，为没有技术背景的小白逐个解释每一个陌生词汇。） · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 29, 2026, 8:15 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requested resources and instructions match its stated purpose (explaining technical terms in plain language) and it does not request extra credentials, installs, or unusual permissions.
Guidance: This skill appears coherent and low-risk: it only needs the user-supplied text to produce plain-language explanations and includes a local glossary for common terms. Before installing or using it, keep these practical points in mind: (1) Privacy: the skill will process whatever text you paste — do not submit secrets, credentials, private keys, or sensitive personal data. (2) Accuracy: concise, friendly explanations are the goal, but the model can still hallucinate or oversimplify—verify critical technical facts against authoritative sources. (3) Scope clarity: the SKILL.md asks the agent to extract "non-common" technical terms — this is somewhat subjective and may cause the agent to highlight more or fewer terms than you expect; test with samples to confirm behavior. (4) Logging/forwarding: although the skill does not declare external endpoints, consider your environment's logging/auditing — outputs may be recorded by the host system. If any of these are concerns, restrict usage or avoid pasting sensitive content.

Review Dimensions

Purpose & Capability: okName/description (explain technical terms to non-technical users) align with the provided assets: an instruction SKILL.md and a local glossary (references/common-terms.md). It does not request unrelated binaries, environment variables, or credentials.
Instruction Scope: okSKILL.md gives narrow, explain-focused runtime instructions (identify non-common technical terms in user-provided text and explain each using a 3-step template). It references the included common-terms.md for high-frequency lookups (this is consistent). The instructions do not ask the agent to read system files, exfiltrate data, call external endpoints, or access environment variables.
Install Mechanism: okThere is no install spec and no code files to execute. This is instruction-only, so nothing is written to disk or downloaded during install.
Credentials: okThe skill requires no credentials, config paths, or environment variables — appropriate for a read-and-rewrite explanation tool.
Persistence & Privilege: okalways is false and the skill does not request permanent or elevated presence. There is no indication it modifies other skills or agent-wide configuration.