Back to skill
Skillv1.0.0
ClawScan security
Skill AGI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 22, 2026, 4:15 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This instruction-only skill's behavior — appending one-line learnings to a local learnings.md and reading them before complex tasks — matches its description and requests no credentials or installs.
- Guidance
- This skill is lightweight and coherent: it only appends and reads a local learnings.md and requests no secrets. Before installing, decide whether you are comfortable letting the agent write to the workspace or home files (the SKILL.md suggests promoting high-impact entries to workspace or Claude memory locations). Avoid logging secrets or sensitive data into learnings.md, and periodically review/clean that file (the SKILL.md already recommends this). If you do not want the agent to modify workspace files, restrict its file-write permissions or instruct the agent not to perform promotions outside the skill directory.
Review Dimensions
- Purpose & Capability
- okThe name/description (remember mistakes, append one-liner learnings, review before tasks) aligns with the instructions (append one-line entries to learnings.md and read them as needed). There are no unrelated environment variables, binaries, or installs required.
- Instruction Scope
- noteInstructions are narrowly scoped to appending and reading learnings.md in the skill directory. The documentation also suggests (as a human workflow) promoting important entries to workspace files (MEMORY.md, TOOLS.md, AGENTS.md) or to a Claude auto-memory path; that is guidance rather than an automated action, but it could lead the agent to edit files outside the skill directory if the agent is instructed to perform promotion — users should be aware edits to workspace/durable files are possible if allowed.
- Install Mechanism
- okNo install spec or code files; the skill is instruction-only so nothing is downloaded or written by an installer.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. It does not request access to unrelated services or secrets.
- Persistence & Privilege
- notealways is false and the skill is user-invocable with normal autonomous invocation allowed (platform default). This is appropriate for its purpose, but as with any autonomous skill, consider that the agent could be allowed to run the append/read steps without manual oversight; also promoting entries to workspace or user home paths would persist information beyond the skill directory if performed.