Back to skill
Skillv1.0.2
ClawScan security
Clear-Mind Skill (龙虾大脑自动清理技能) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 4:00 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requested actions (reading MEMORY.md, creating a facts/ directory, and migrating factual content) match its stated purpose and contain conservative safeguards (user confirmation, 'when in doubt keep'), with no extra installs or credential requests.
- Guidance
- This skill appears coherent with its purpose: it will read your MEMORY.md, create a facts/ folder, and move scenario-specific factual data into separate files while preserving core behavioral rules. Before installing or running it, confirm these points: 1) Where (exact path) will the skill write files? Clarify whether 'memory/facts/' or '/memory/facts/' is intended to avoid writing to root or unexpected locations. 2) Ensure you have an explicit backup/rollback method (the README mentions rollback but SKILL.md does not detail how backups are created). 3) Review how the agent decides what counts as 'factual bloat' (classification is partly judgment-based) so sensitive items (credentials, PII, or financial secrets) are not moved or exposed unintentionally. If those items are stored in MEMORY.md, consider removing them first or restrict file permissions where the facts/ directory will be created.
Review Dimensions
- Purpose & Capability
- okThe name and description (memory maintenance and factual migration) align with the runtime instructions: reading MEMORY.md, classifying content, creating a facts/ directory, migrating/mirroring facts, and rewriting MEMORY.md. There are no unrelated environment variables, binaries, or installs requested.
- Instruction Scope
- noteInstructions stay within the stated purpose (analyze MEMORY.md, categorize content, migrate facts, preserve core rules) and require user confirmation before the first run. However, some classification steps depend on agent judgment (potentially vague), and file-path notation is inconsistent (both 'memory/facts/' and '/memory/facts/' appear). The skill will read and write potentially sensitive factual files (portfolio, projects, user directives), so the exact mechanics of classification and backup/rollback should be confirmed before running.
- Install Mechanism
- okInstruction-only skill with no install spec and no code files — no downloads, package installs, or new binaries are requested. This minimizes disk footprint and installation risk.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths. Its declared needs are proportionate to its purpose (file read/write within the agent's memory area).
- Persistence & Privilege
- okalways:false and default autonomous invocation are normal; the skill does not request permanent/global privileges or modifications to other skills. It operates on the agent's memory files only.