Back to skill
Skillv1.0.2
ClawScan security
Find Souls · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 13, 2026, 1:21 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requests and runtime instructions are consistent with its stated purpose: it searches an external persona index and downloads SOUL.md files into the project while keeping backups.
- Guidance
- This skill appears coherent and low-risk for its stated purpose, but review these practical points before installing: (1) It will read and write files in your current project (SOUL.md) and use ~/.cache/agent-souls/ for the index; make sure you are comfortable with that. (2) It downloads content from https://agent-souls.com — if your environment restricts external network access or you don't trust the domain, do not install. (3) Backups are stored in .soul_backups/ inside your project — consider adding that directory to .gitignore if you don't want backups committed. (4) Inspect downloaded SOUL.md files before using them if you want to verify content. No credentials or system-wide privileges are requested.
Review Dimensions
- Purpose & Capability
- okThe skill claims to search and install persona files from agent-souls.com and its instructions only require fetching search.json and SOUL.md files and manipulating local SOUL.md and backup files. No unrelated credentials, binaries, or platform artifacts are requested.
- Instruction Scope
- okRuntime instructions are focused: check a cached index at ~/.cache/agent-souls/search.json, optionally fetch the index from https://agent-souls.com, download the chosen SOUL.md or SOUL.en.md, and back up/replace SOUL.md in the current working directory. The skill reads and writes only the cache, current SOUL.md, and .soul_backups/ as expected for the described functionality.
- Install Mechanism
- okThere is no install spec or bundled code — instruction-only skill — so nothing is written to disk by an installer. Network fetches are limited to agent-souls.com as described.
- Credentials
- okThe skill declares no required environment variables, credentials, or privileged config paths. The only resources accessed are the user's cache and current project files, which are appropriate for a file-downloading persona installer.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system-wide changes or modify other skills. It maintains backups under the project's .soul_backups/ directory which is scoped to the user's project.