Skillv4.0.1

ClawScan security

Wahoo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 6, 2026, 5:52 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only screenwriting skill whose files and runtime instructions align with its stated purpose and do not request credentials, installs, or unusual system access.
Guidance: This skill appears coherent and self-contained for creative screenwriting. Before installing, consider: (1) Privacy: the documentation mentions memory retrieval and "self-evolution" — ask the maintainer whether user prompts or outputs are stored or sent off-platform, and for how long. (2) Transparency: the default 'silent' thinking mode hides internal reasoning; if you want to see chain-of-thought or provenance, ask whether a transparent mode is available. (3) Provenance and support: there is no homepage or publisher information beyond an owner ID — if you need support, data deletion, or licensing terms, request contact/terms from the author. (4) Safety: avoid pasting sensitive personal, proprietary, or secret data into prompts until you confirm retention and sharing policies. (5) Test: try non-sensitive sample prompts to verify behavior (output style, compression after many rounds, and whether it stores or reuses prior inputs). Overall the skill is internally consistent with its stated purpose.

Review Dimensions

Purpose & Capability: okName/description (creative screenwriting master) matches the SKILL.md and the included reference materials. All resources are screenplay methodologies, templates, and workflow instructions — nothing in the package requests unrelated capabilities (cloud access, system credentials, or network endpoints).
Instruction Scope: noteThe SKILL.md defines an internal 8-step workflow, memory-retrieval and self-evolution language (e.g., '记忆检索', '用户反馈提取', '自进化机制') and a default '静默模式' that hides internal reasoning. These are legitimate for a writing assistant but imply the skill intends to reuse user inputs/feedback internally; the skill does not instruct the agent to read system files, secrets, or external endpoints. Recommend confirming how user data/feedback is stored or retained (session-only vs persistent) and whether the agent will surface reasoning when requested.
Install Mechanism: okNo install spec or code files that execute binary installs are present; this is an instruction-only skill. That minimizes supply-chain risk. The file set are Markdown references and SKILL.md only.
Credentials: okThe skill declares no required environment variables, no credentials, and no config paths. There are no names like TOKEN/KEY/PASSWORD requested anywhere in the materials — environment/credential footprint is minimal and appropriate for the described functionality.
Persistence & Privilege: notealways:false (good). The skill describes internal behaviors like background '思维链' (thought chain) and an automatic compression after 12 rounds; the skill can be invoked autonomously by the agent (disable-model-invocation:false) which is the platform default. These are not disqualifying, but you may want to confirm if 'self-evolution' implies persistent storage of user prompts or outputs beyond the session.