Skill v1.0.0

ClawScan security

Find Orphans · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 6:51 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions are internally consistent with its stated purpose: it statically scans a project for unused files/components and can generate deletion scripts. You should review any generated removal commands before running them.
Guidance
This skill appears to do what it claims: scan your codebase and identify likely orphaned files and unused code, and it can generate a bash script to remove them. Before installing or running it:
1) Ensure you trust the agent's environment and that it has access only to the intended repository (the skill will read the whole project).
2) Review clawhub.json: it requests file_read, file_write, and bash, which lets it write scripts and propose git rm commands.
3) Never run generated deletion scripts blindly: create a new branch (as the skill itself suggests), inspect the script, and run tests/build (npm run build) before merging.
4) Make sure git and your build tools are available where the agent runs (SKILL.md assumes git/npm but they aren't listed as required binaries).
5) Avoid running this on repositories that contain sensitive secrets you don't want scanned or exposed.
If you want extra caution, run the skill on a cloned copy of the repo or in CI with isolated permissions.

Review Dimensions

Purpose & Capability
ok: Name/description (find orphaned files, unused components, dead code) align with the instructions (scan package.json, extract imports, compare referenced files, detect unused exports/functions, analyze routes/styles/assets). The declared permissions in clawhub.json (file_read, file_write, bash) match the intended actions (reading the repo, outputting reports, optionally creating a bash removal script).
Instruction Scope
note: SKILL.md limits actions to static analysis of project files and producing reports/scripts. However, it explicitly proposes generating a bash script that removes files via git rm; that is destructive by nature. The doc includes sensible safeguards (recommend creating a branch, reviewing the script, running build verification), but the generated commands must be reviewed by a human before execution. It also expects access to git/npm for verification steps, but these binaries are not declared in the metadata.
Install Mechanism
ok: Instruction-only skill with no install spec or external downloads; no packages or remote code are fetched. This is low-risk from an install perspective.
Credentials
ok: No environment variables, credentials, or external endpoints are requested. The skill works only with repository files and local project config, which is proportional to its purpose.
Persistence & Privilege
ok: always is false and autonomous invocation is the platform default. The skill requests file_read/file_write/bash permissions (clawhub.json), which are reasonable for a tool that reads the repo and can emit cleanup scripts; there is no request to modify other skills or system-wide settings.