Skill v1.0.0
ClawScan security
子代理任务拆分 + Superpowers · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 12, 2026, 2:11 AM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions match its stated purpose (splitting tasks for subagents and invoking a 'using-superpowers' helper); it makes no external installs or credential requests, but it does mandate writing files under /tmp and leaving unspecified 'forum' traces which you should review before use.
- Guidance: This skill appears coherent for splitting tasks and orchestrating subagents. Before installing, verify two things: (1) where does '论坛留痕' (forum trace) go? Make sure it does not post sensitive outputs to an external or public forum; ask the skill author or the platform how 'forum' is implemented. (2) The skill writes task briefs to /tmp/tasks; ensure this behavior is acceptable in your environment and that files are ephemeral or cleaned up to avoid leaking sensitive data. Also confirm that the 'using-superpowers' skill it mandates is trusted and available — the SKILL.md forces calling it even for marginal cases, which may cause extra agent activity. If you need higher assurance, request a version of the skill that (a) documents the forum endpoint, (b) allows configuring the task brief path, and (c) explains how spawned subagents are authorized and where their outputs go.
Review Dimensions
- Purpose & Capability (ok): The name/description claim 'subagent task-splitting' and 'using-superpowers' and the SKILL.md explicitly instructs calling that helper, splitting tasks, and spawning subagents — these are coherent and expected for this purpose.
- Instruction Scope (note): Instructions require creating Task Brief files under /tmp/tasks/ and mandate 'forum leave-trace' after completion. The file-writing is explicit and within scope for task orchestration, but the 'forum' trace is unspecified (no endpoint or destination), which could result in unexpected external posting if the agent/platform maps 'forum' to an external channel.
- Install Mechanism (ok): Instruction-only skill with no install spec, no binaries, and no code files — lowest-risk install footprint.
- Credentials (note): The skill requests no environment variables or credentials (proportionate). However, it instructs writing to /tmp/tasks and implies the agent will inspect how many files/directories a child agent needs to access; this filesystem interaction wasn't declared as a config path and could touch user data if the agent evaluates local directories.
- Persistence & Privilege (ok): Skill is not always-on and does not request special platform-wide privileges. It does instruct spawning subagents (normal for subagent tooling) and writing transient files to /tmp, which is routine but should be cleaned up by the workflow.
