Back to skill
Skillv0.1.0
ClawScan security
flood-detection · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 15, 2026, 9:22 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, requirements, and scope are coherent for detecting flood events from water-level time series and do not request unrelated credentials or install steps.
- Guidance
- This guide appears straightforward and coherent for flood detection. Before installing or running it, ensure your data source (e.g., NWIS) is trustworthy and you understand units and thresholds (feet vs meters). Confirm your runtime has the needed libraries (pandas/json/csv) and be mindful that outputs are written to local files—avoid processing sensitive data unless you control the storage and downstream sharing. If you need the skill to fetch data from remote APIs, verify what credentials (if any) are required and only provide them when necessary.
Review Dimensions
- Purpose & Capability
- okName and description match the SKILL.md content: the document explains aggregating instantaneous water-level data, comparing daily maxima to thresholds, counting flood days, and classifying severity. There are no unrelated required env vars, binaries, or config paths.
- Instruction Scope
- okInstructions focus on data processing (resampling, threshold comparison, classification, CSV/JSON output). They reference typical data sources (e.g., NWIS) and standard operations (pandas-style resample) and do not instruct reading unrelated files, system credentials, or sending data to external endpoints.
- Install Mechanism
- okThis is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. Risk from installation is minimal.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths. The operations described (local data processing and file output) are proportionate to the stated purpose.
- Persistence & Privilege
- okalways is false (default), the skill is user-invocable and may be invoked autonomously per platform defaults—this is expected and not excessive. The skill does not request persistent system privileges or modifications to other skills.