Meow Finder
PassAudited by ClawScan on May 1, 2026.
Overview
Meow Finder appears to be a simple offline AI-tool search CLI; the only notable issue is the extra npm dependency surface if you install it globally.
This looks safe for its stated purpose as an offline AI-tool finder. Before installing globally with npm, make sure you trust the package source and consider the extra dependencies listed in package.json.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A global npm install may pull in additional third-party code even though the CLI itself appears to be a local catalog searcher.
The visible CLI only requires the local data/tools.json file, so these caret-ranged third-party packages, including an unused network library, add supply-chain surface beyond what the reviewed code needs.
"dependencies": { "commander": "^12.0.0", "node-fetch": "^3.3.0", "chalk": "^5.3.0" }Install only if you trust the package source; consider reviewing the repository, pinning dependencies, or removing unused dependencies before global installation.