Back to skill
Skillv1.0.0
ClawScan security
operations-engineer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 3:47 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This is an instruction-only operations-engineer skill that provides runbook-style guidance and requests no credentials, installs, or file/system access, so its requirements are coherent with its stated purpose.
- Guidance
- This skill is coherent and low-risk as an advice/runbook resource, but treat its output as guidance only: do not blindly execute any commands it suggests, test procedures in a staging environment, avoid pasting secrets into prompts, and consider requiring explicit user confirmation before performing any privileged or production changes. If you plan to let an agent act autonomously using this skill, restrict that agent's credentials and monitor its actions.
Review Dimensions
- Purpose & Capability
- okThe name and description describe an operations engineer; the skill requires no binaries, env vars, or config paths, which is appropriate for an advice/runbook skill. Nothing requested is out of scope for providing operational guidance.
- Instruction Scope
- okSKILL.md limits behavior to monitoring, alerting, incident triage, performance optimization, backups, and recovery. It does not instruct the agent to read local files, access credentials, post to external endpoints, or run commands autonomously.
- Install Mechanism
- okNo install spec or code files are present (instruction-only), which is the lowest-risk model for this kind of skill.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. There is no disproportionate request for sensitive access.
- Persistence & Privilege
- okalways:false (default) and normal autonomous invocation settings are used. The skill does not request permanent presence or system-level configuration changes.