Skill v2.0.2

ClawScan security

Agent Learner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 18, 2026, 10:34 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill does what it claims — a local, file-backed CLI for logging, benchmarking, searching, and exporting agent prompts/results — and its files, required tools, and behavior are proportionate to that purpose.
Guidance
This skill is coherent and appears safe to use, but it persistently stores everything you send it (prompts, evaluation text, costs, etc.) as plain text under ~/.local/share/agent-learner. Do not enter API keys, secrets, or other sensitive data into the tool. Inspect the data directory and set appropriate file permissions or periodically delete logs if you need confidentiality. If you want extra assurance, review the included scripts before running or run the tool in a restricted environment (container or limited user account).

Review Dimensions

Purpose & Capability
ok: Name/description, SKILL.md, and the bundled bash script are consistent: the tool stores timestamped category logs, supports search, export, stats, and status. It only requires standard Unix utilities and writes data to a user-local directory (~/.local/share/agent-learner), which matches the stated purpose.
Instruction Scope
note: Instructions and the script operate only on files under the DATA_DIR and stdout; they do not call external networks or other system services. Important note: the skill persistently logs any input (prompts, evaluation text, costs, etc.) to disk in plain text, so sensitive prompts, credentials, or model outputs pasted into entries will be stored locally. Also, there are minor formatting mismatches between SKILL.md (pipe-separated history entries) and the _log() format used for history.log, but this is an implementation detail, not a security problem.
Install Mechanism
ok: No install spec; this is instruction-only plus an included shell script. Nothing is downloaded or installed from external URLs at runtime, and no archives are extracted. Risk from installation actions is minimal.
Credentials
ok: The skill requests no environment variables, no credentials, and uses only HOME to build a per-user data directory. No unexpected secrets or external service tokens are requested.
Persistence & Privilege
note: The skill persistently writes logs and export files into the user's home (~/.local/share/agent-learner). It does not request elevated privileges, always:true is not set, and it does not modify other skills or system-wide configs. The main consideration is local data persistence of potentially sensitive content (see instruction_scope).