Skillv1.0.2

ClawScan security

NoteStore Lab Case Review · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 8, 2026, 10:36 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is internally consistent: its instructions, install recommendations, and runtime scope match the stated purpose of teaching a local, copy-first Apple Notes case review flow.
Guidance: This skill appears coherent with its stated goal of teaching a local NoteStore Lab MCP review flow. Before installing: verify the PyPI package name and author, inspect the package source (or prefer the GitHub repo releases referenced in the README), run it in an isolated virtualenv or sandbox, and avoid pointing the MCP at a live Apple Notes store—use copied case roots and demo artifacts as instructed.

Purpose & Capability: okName/description, SKILL.md, README, and references all consistently describe installing and operating a local NoteStore Lab MCP review surface; requested actions (pip/uvx/notes-recovery CLI) are appropriate for that purpose.
Instruction Scope: okRuntime instructions stay within the review scope: demo-first proof path, local stdio MCP, one explicit case root, and derived-artifact-first guidance. There are no directives to read unrelated system files or export secrets.
Install Mechanism: noteInstallation is via PyPI (python -m pip install apple-notes-forensics==0.1.0.post1) or local pip editable install—this is coherent with the skill but carries the usual moderate risk of installing third-party packages; no obscure download URLs or extract-from-arbitrary-URL steps.
Credentials: okThe skill declares no required environment variables, credentials, or config paths and its instructions do not ask for unrelated secrets—requested scope is proportional to its stated purpose.
Persistence & Privilege: okalways is false and the skill is user-invocable; it does not request system-wide persistence or attempt to modify other skills/config — privileges are appropriate.