Skill v2.0.0
ClawScan security
LSP Code Navigation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 1, 2026, 2:39 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are consistent with a local LSP client/daemon for code navigation; it asks only for Python and manages local language-server subprocesses and a Unix socket as described.
- Guidance: This skill appears to do what it claims: run a local Python LSP client that starts language servers on-demand. Before installing, consider:
  1. Inspect the included scripts (lsp-query.py is bundled) and only symlink into a PATH location you control.
  2. Language servers are started as subprocesses and will run with your user privileges — install language servers from trusted package sources (npm, apt, rustup, go) and avoid installing unknown binaries.
  3. The daemon creates a Unix socket under ~/.cache/lsp-query and will access files under the configured workspace — avoid pointing it at sensitive directories or set LSP_WORKSPACE explicitly.
  4. The LSP_SERVER environment variable can override the server command (it can be used intentionally or abused) — don't set it to untrusted commands.
  If you need extra caution, run the script directly (not symlinked), or run it inside an isolated environment/container or a workspace with non-sensitive data.
Review Dimensions
- Purpose & Capability (ok): Name/description match what is implemented: a Python-based LSP client that lazy-starts per-language LSP servers and exposes CLI commands for definition, references, hover, symbols, diagnostics, etc. Requiring python3 and recommending installing language servers is expected and proportional.
- Instruction Scope (note): SKILL.md and the included script instruct the agent/user to run the script, set LSP_WORKSPACE, and to symlink the script into PATH. The runtime behavior (reading workspace files, opening files for LSP analysis, managing a Unix socket at ~/.cache/lsp-query/daemon.sock, spawning language-server subprocesses) is consistent with the stated purpose. Note: the skill will read repository files and manage background processes — this is necessary for LSP functionality but means it will access any files under the configured workspace.
- Install Mechanism (ok): No install spec; the skill is instruction-only with a bundled Python script. It does not download or execute code from remote URLs during install. It does suggest (to the user) standard package installs for individual language servers (npm/go/rustup/apt/brew), which is expected.
- Credentials (ok): The only runtime dependency declared is python3; environment variables are limited to LSP_WORKSPACE, LSP_SERVER, LSP_LANG, LSP_TIMEOUT, LSP_SOCK and are documented in SKILL.md. No credentials or unrelated secrets are requested.
- Persistence & Privilege (note): The script launches a background daemon and per-language server subprocesses and uses a Unix socket in the user's home cache directory. always:false (not force-included) and normal model invocation settings are used. This persistence is expected for a daemonized LSP client, but users should be aware the process can remain running and will run with the user's privileges while active.
