Cap Table
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is a small local Python cap-table calculator with no credential, network, or persistence behavior, but its documentation appears to overstate its functionality and references a missing script name.
This appears safe from a security perspective, but verify the correct script name before running it and do not rely on its simple calculations for real fundraising, legal, tax, or valuation decisions.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The documented command may fail or, if run from a directory containing another captable.py, could execute a file outside the reviewed skill.
The usage instructions reference captable.py, but the provided manifest/source includes cap.py instead. This is a missing referenced file/provenance mismatch rather than evidence of malicious behavior.
python3 captable.py --action summary
Use the reviewed cap.py file directly or ask the publisher to correct the documentation or include the referenced captable.py file.
Users could over-trust the output for fundraising, valuation, or ownership decisions even though the implementation is only a basic calculator.
The documentation advertises broad financial modeling capabilities, while the included cap.py only performs a very simple percentage printout.
Comprehensive cap table modeling tool... 409A valuation support
Treat results as illustrative only and verify any cap-table, dilution, or valuation analysis with a qualified professional or a more complete reviewed tool.