Skillv1.0.0

ClawScan security

一个智能的业务需求转研发文档工具。AI 自主分析项目代码库，理解业务需求，参考实际代码，生成可直接执行的研发文档。支持任意技术栈，无需配置。 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 14, 2026, 3:09 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files and runtime instructions match its stated purpose: it scans a codebase, generates implementation-ready documents, and stores a local project memory; there are no unexpected credential requests, installs, or external endpoints, but it will read and persist repository content (which may include secrets) and the README/usage examples reference a 'kimi' CLI even though no binary/install is provided.
Guidance: This skill appears to do what it says: it will scan your project files to create implementation-ready requirements and persist a local project-profile under .ai-memory/. Before installing or running it, consider: 1) Review .ai-memory/project-profile.md after the first run to ensure no secrets or sensitive config were summarized; add .ai-memory/ to .gitignore or store memory encrypted if needed. 2) The README/examples reference a 'kimi' CLI but no installer or binary is provided — confirm how your agent will invoke the skill. 3) Limit the agent's filesystem scope if possible (run on copies or in restricted containers) when analyzing repositories that contain credentials, proprietary data, or large amounts of sensitive logs. 4) If you want higher assurance, ask the publisher for an explicit invocation mechanism or an install script and for guarantees about what gets persisted and how it is protected.

Review Dimensions

Purpose & Capability: noteThe name/description (generate developer docs by analyzing a repo) align with the instructions: the SKILL.md explicitly directs the AI to explore the project root, analyze code/config files (package.json, README, etc.), find similar implementations, and produce docs. One minor inconsistency: usage examples call a 'kimi' CLI, but the package provides no required binaries or install spec — this is likely just illustrative but could confuse users about how the agent is expected to be invoked.
Instruction Scope: noteInstructions explicitly direct the agent to traverse the project root, read many code/config files, and create a persistent '.ai-memory/project-profile.md'. That behavior is coherent with the stated goal, but it means the skill will read arbitrary repository files (potentially secrets or credentials) and store extracted summaries locally. The SKILL.md does not instruct sending repository data to external endpoints, which reduces exfiltration risk.
Install Mechanism: okNo install spec or code files are present (instruction-only). This is the lowest-risk model for install behavior because nothing will be downloaded or written by an installer beyond what the agent itself does at runtime.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The operations it requires (filesystem read/write inside the project) are proportionate to its purpose; there are no unrelated secrets requested.
Persistence & Privilege: noteThe skill writes a local '.ai-memory/project-profile.md' in the project root to persist its analysis. This is consistent with its stated 'project memory' feature, but it grants the skill the ability to create files in the repository. Users should be aware this could leak sensitive info into the repo if the summary includes secrets or is accidentally committed.