Back to skill
Skillv1.0.0
ClawScan security
File Writer Safe · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 27, 2026, 5:18 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The instructions and requirements are internally consistent with a safe large-file write/update helper — it asks for no extra credentials, no installs, and only describes reading/writing files which matches its purpose.
- Guidance
- This skill is coherent, but remember: it assumes the agent has filesystem write/read privileges. Only use it when you trust the agent and ensure it operates on intended paths (avoid sensitive system files like /etc/passwd). Before running on critical files, test the workflow on copies, verify backups are created and stored safely, and confirm the agent's 'read/edit/write' primitives behave as documented in your environment.
Review Dimensions
- Purpose & Capability
- okThe skill's name and description (safe large-file writes) align with the runtime instructions: read current state, use edit/write primitives, verify, and use backups. It does not request unrelated binaries, services, or credentials.
- Instruction Scope
- okSKILL.md directs the agent to read, edit, write, verify, and backup files at user-specified paths — exactly what a file-writing helper should do. It does not instruct the agent to access unrelated system state (shell history, network secrets) or exfiltrate data. Some example commands (wc, cp, read/edit/write) assume filesystem access, which is expected for this skill.
- Install Mechanism
- okThere is no install spec and no code files; this instruction-only skill installs nothing and therefore poses minimal install-time risk.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths. That is appropriate — a local file editing strategy needs filesystem access but not external secrets.
- Persistence & Privilege
- okalways is false and the skill does not request permanent presence or modify other skills' configurations. Autonomous invocation is allowed by default but this is expected for user-invocable skills and is not coupled with broad privileges here.