Dependency Map Builder

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill appears to be a purpose-aligned dependency-mapping helper that produces reviewable text output and does not show evidence of external system modification, credential use, or network activity.

This looks safe for generating dependency maps from materials you provide. Before installing or using it, remember that the optional Python helper can read the input path and write an output file, so avoid feeding it unrelated sensitive files and review any generated report before sharing or acting on it.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI05: Unexpected Code Execution
Low
What this means

If invoked, the agent may run a local Python script to process a user-selected input and generate an output file.

Why it was flagged

The skill allows optional local execution of its bundled Python helper. This is disclosed and purpose-aligned, but users should notice that it involves running local code with chosen input and output paths.

Skill content
If the runtime environment allows shell / exec, you can use: `python3 "{baseDir}/scripts/run.py" --input <input file> --output <output file>`
Recommendation

Use input files you intend to process, choose a safe output path, and prefer stdout or dry-run style review when unsure.

ASI02: Tool Misuse and Exploitation
Info
What this means

The script can read local material selected as input and can write a report file if an output path is supplied.

Why it was flagged

The documented helper accepts local input and output paths. This is expected for a report-generation skill, and the presence of stdout and dry-run options provides a safer review-oriented workflow.

Skill content
`--input   input file or directory` / `--output  output file, defaults to stdout` / `--dry-run analyze only, do not write files`
Recommendation

Review file paths before running the helper, avoid passing sensitive unrelated directories or files, and use `--dry-run` or default stdout when you do not want files written.