Back to skill
Skillv1.0.0
ClawScan security
Explain Code 1.0.0 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 14, 2026, 2:00 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This instruction-only skill is internally consistent: it provides guidance for explaining code with analogies and ASCII diagrams and does not request extra permissions or installs.
- Guidance
- This skill is instruction-only and does not ask for credentials or install software, so it's low risk to add. Still: avoid pasting sensitive or proprietary code into the conversation (the agent will use any code you provide to generate explanations). Verify the agent's explanations for correctness before acting on them.
Review Dimensions
- Purpose & Capability
- okName and description match the SKILL.md instructions. The skill only instructs the agent how to explain code (analogies, ASCII diagrams, step-throughs) and does not request unrelated resources, binaries, or credentials.
- Instruction Scope
- okRuntime instructions are narrowly scoped to producing explanations (use analogies, ASCII art, step-throughs, highlight common issues). The SKILL.md does not instruct the agent to read system files, environment variables, or transmit data to external endpoints.
- Install Mechanism
- okNo install spec or code files are present. Being instruction-only means nothing is written to disk or downloaded during installation.
- Credentials
- okThe skill requests no environment variables, credentials, or config paths — appropriate for an explanation-only utility.
- Persistence & Privilege
- okalways is false and the skill is user-invocable (normal). The skill does not request persistent presence or modify other skills or system configurations.