v1.0.0

Nerve Bridge Skill

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:49 AM.

Analysis

This skill is openly designed to drive another IDE with AppleScript and send it arbitrary code/command instructions, which is powerful enough that users should review it carefully before installing.

Guidance: Review this skill carefully before installing. It is not hiding its behavior, but it is a powerful bridge that lets an agent paste instructions into Trae and trigger execution. Use it only for trusted tasks, avoid putting secrets in instructions, and be cautious about granting macOS Accessibility permissions.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
Use when needing to execute code/commands in Trae IDE and wait for completion confirmation.

The skill is explicitly intended to send code/command execution instructions into another IDE, which is a high-impact escape-hatch capability without clear scoping or approval boundaries in the artifacts.

User impact: If invoked with a risky instruction, the agent could cause Trae to edit files, run commands, or change a project through the IDE.
Recommendation: Install only if you intentionally want an agent-controlled bridge into Trae; review each invocation and restrict use to trusted, user-approved tasks.

Unexpected Code Execution
Severity: Medium | Confidence: High | Status: Concern
scripts/nerve_bridge.py
full_payload = (instruction + "\n\n" "# --- SYSTEM HOOK ---\n" "# REQUIRED: Execute this to report completion:\n" + hook_code + "\n")

The script automatically appends Python code and marks it as required for Trae to execute, so every submitted instruction includes an additional code-execution step.

User impact: Trae may run appended Python code in addition to the user’s requested task, creating local files and potentially normalizing automatic code execution as part of the workflow.
Recommendation: Treat the appended hook as executable code; ensure Trae’s execution context is safe and that users understand the extra code sent with each instruction.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
System Events and Terminal must have "Accessibility" permissions

macOS Accessibility permissions allow broad UI automation. This is disclosed and needed for the skill’s stated purpose, but users should understand the breadth of that local permission.

User impact: Granting these permissions lets the automation environment simulate keyboard actions in applications, not just provide a narrow API call.
Recommendation: Grant Accessibility permissions only if you trust this workflow, and revoke them when the bridge is no longer needed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
scripts/nerve_bridge.py
if os.path.exists(FEEDBACK_FILE): ... data = json.load(f) ... print(f"✅ [Ack] Feedback received from Trae: {data}")

The completion acknowledgment is based only on a local JSON file path, with no authentication of which process wrote it.

User impact: The skill could treat a locally created file as proof that Trae completed the task, which may lead to false completion signals.
Recommendation: Use the feedback only as a convenience signal, not as proof that Trae safely or correctly completed a high-impact task.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
Payload is copied to system clipboard via `pbcopy`

The instruction sent to Trae is placed on the system clipboard, which is disclosed and purpose-aligned but can expose sensitive prompt contents to other local clipboard-aware apps.

User impact: Secrets or private data included in the instruction may temporarily appear in the macOS clipboard.
Recommendation: Avoid sending passwords, tokens, or private data through this bridge unless you are comfortable with clipboard exposure.