Back to skill
Skillv1.0.0
ClawScan security
File Writer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 27, 2026, 5:17 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only guide for safely reading and editing large files; its requested capabilities and instructions are consistent with that purpose and do not request unexpected credentials or installs.
- Guidance
- This skill is internally consistent and appears to do what it says, but it grants the agent the ability to read and write arbitrary files (including recommended use of cp/backups). Before installing or enabling it: (1) confirm what the agent-provided commands like read/edit/write map to in your runtime and ensure they enforce OS file permissions; (2) restrict the agent's filesystem access (or sandbox it) so it cannot touch sensitive system or credential files; (3) test the strategy on non-sensitive files first; (4) require backups and logging for any production file changes; and (5) consider adding a wrapper or policy that limits allowed target paths and enforces review for destructive changes.
Review Dimensions
- Purpose & Capability
- okName/description (safe file writes for large files) match the SKILL.md: the instructions describe reading, chunking, editing, verifying, backing up and restoring files. There are no unrelated env vars, binaries, or installs requested.
- Instruction Scope
- noteThe runtime instructions explicitly tell the agent to read, edit, write and copy arbitrary file paths and to run checks (e.g., cp, wc, read with offsets). Those actions are appropriate for a file-writer skill, but they give broad file-system read/write capability — which is powerful and should be constrained by runtime permissions and deployed agent policy.
- Install Mechanism
- okNo install spec and no code files — the skill is instruction-only so nothing is downloaded or written to disk by an installer.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths beyond normal file paths, which is proportionate to its stated purpose.
- Persistence & Privilege
- okalways is false and there is no indication the skill requests persistent or elevated platform privileges; autonomous invocation is allowed by default but not combined with other risk signals here.