Dataset Intake Auditor
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent local dataset-auditing skill; the main things to notice are that it can run a bundled Python script on local files and its upstream source is not identified.
This skill looks appropriate for local dataset intake review. Before installing or using it, confirm you trust the package source, run it only against datasets you are allowed to analyze, choose input and output paths deliberately, and review the Markdown report for sensitive details before sharing it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The script may read the dataset path the user provides and write a report to the chosen output path.
The skill explicitly allows running a bundled local Python script. This is disclosed and aligned with dataset auditing, but it is still local code execution on user-provided paths.
如运行环境允许 shell / exec,可使用:`python3 "{baseDir}/scripts/run.py" --input <输入文件> --output <输出文件>`Run it only on intended files, use a safe output location, and review the generated report before sharing or acting on it.
If the dataset or file path is sensitive, the generated audit report may contain information the user should not share broadly.
The generated report can include the local input path, field names, row counts, and column-level summaries. This is expected for the skill, but the report may still reveal dataset metadata.
f"文件:`{path}`", f"采样行数:{len(rows)}" ... out.append(f"- {field}: 非空 {len(non_empty)}/{len(rows)},唯一值约 {unique}")Use sanitized datasets when possible and review the output for sensitive file paths, field names, or business context before distributing it.
Users have less upstream context for who maintains the skill or where to verify it.
The package provenance is not well identified. The artifacts do not show a remote installer or hidden dependency, so this is a provenance notice rather than a behavioral concern.
Source: unknown; Homepage: https://example.invalid/skills/dataset-intake-auditor
Prefer installing from a trusted registry entry and inspect the included files if provenance matters for your environment.