Skill v1.0.0

ClawScan security

Writing Better Skills · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 12, 2026, 9:58 AM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is internally consistent: its files, scripts, and instructions match a meta-skill for authoring other skills and do not request unrelated credentials or external installs.
Guidance
This package is a meta-skill for writing skills and appears coherent. Before installing or allowing autonomous runs:
1) Skim the scripts (scripts/quick_validate.py and the reference generator) to ensure you trust their local file operations; they operate on repository files and may create project.skill.md from the template and create missing output directories via a benign healing script.
2) Never put secrets in project.skill.md (the templates explicitly warn against it).
3) Run quick_validate and the provided tests locally in a safe environment if you want to confirm behavior before enabling autonomous invocation.
4) If you use this on sensitive repos, be mindful that agents following this skill will write small project-local files and run shipped Python scripts; audit them first.

Review Dimensions

Purpose & Capability
ok · Name/description (authoring skills) align with the shipped files: templates, references, validator, example project, generator, tests, and a small self-healing helper. All required artifacts are appropriate for a skill-authoring/reference toolkit.
Instruction Scope
ok · SKILL.md instructs agents to read/write project-local files, run provided scripts, and use references. Those instructions are consistent with the purpose. The only file-write behavior called out is creating project.skill.md from the template and a narrow self-healing script that creates a missing output directory; both are documented and expected.
Install Mechanism
ok · No install spec or external downloads; this is an instruction-and-scripts package that runs local Python scripts. No evidence of fetching arbitrary remote code or using obscure host URLs.
Credentials
ok · The skill requests no environment variables, credentials, or config paths. All scripts operate on local files passed as arguments; there are no unrelated secrets or external service tokens required.
Persistence & Privilege
ok · always is false; the skill is user-invocable and autonomous invocation is enabled (platform default). The skill does not request permanent presence or modify other skills' configs. Autonomous invocation is normal; no additional privilege escalation observed.