Skill v0.1.0
ClawScan security
Describe Design · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Feb 11, 2026, 9:24 AM)
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requested actions and instructions match its stated purpose (research a codebase and produce architecture docs); it is an instruction-only skill and does not request unrelated credentials or installs.
- Guidance: This skill appears coherent for documenting a codebase. Before installing or invoking it, consider: (1) Limit the repository or workspace the agent can access: architecture research legitimately reads README/config and source files, which may contain secrets; avoid granting access to production credentials or entire home directories. (2) Provide an explicit target path when you want the skill to write files and confirm writes as instructed. (3) If you only want high-level docs, ask the agent to ignore .env or credentials files. (4) Review the generated document (and any referenced paths) before committing or publishing it.
Review Dimensions
- Purpose & Capability (ok): Name/description (produce architecture docs from a codebase) align with the instructions: scanning directories, reading READMEs/configs, tracing code paths, and producing markdown + Mermaid diagrams are all expected capabilities for this goal. No unrelated binaries, installs, or credentials are requested.
- Instruction Scope (ok): SKILL.md explicitly instructs the agent to explore repository files, identify entry points, trace code paths, and produce a draft for user review. It cautions against copying code and requires explicit user confirmation before writing files. The scope is focused on documentation and code exploration; it is not open-ended and does not instruct unrelated data collection.
- Install Mechanism (ok): No install spec and no code files are present (instruction-only). This minimizes disk writes and arbitrary code execution risk.
- Credentials (note): The skill declares no required environment variables or credentials, which is appropriate. It does instruct documenting configuration and environment variables found in the repo, which implies the agent may read config files that could contain secrets. This is expected for architecture research but worth noting: the skill itself does not request credentials, so any access to secrets depends on the agent's repository permissions.
- Persistence & Privilege (ok): The skill's "always" flag is false and the skill does not request persistent installation or system-wide changes. It explicitly requires user confirmation before writing documents, which limits autonomous modification of the filesystem.
