STM32 CubeMX
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: stm32-cubemx Version: 1.0.3 The skill bundle is designed for interacting with the STM32CubeMX CLI to configure and generate embedded project code. It uses standard development tools like `cmake`, `rm`, `cat`, and `arm-none-eabi-size` for build and project management, which are all aligned with its stated purpose. There is no evidence of data exfiltration, malicious execution (e.g., downloading and executing remote payloads), persistence mechanisms, obfuscation, or prompt injection attempts against the agent to perform unauthorized actions. The instructions and code snippets are purely functional and domain-specific.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with the wrong project path, the workflow could delete the wrong build folder or regenerate files unexpectedly.
The skill documents local shell commands that delete a build directory and run a build. This is purpose-aligned for STM32 project generation, but incorrect paths could remove or change local project files.
rm -rf build/Debug cmake --preset Debug cmake --build build/Debug
Confirm PROJECT_DIR and IOC_FILE before running commands, keep the project under version control, and review generated changes before committing or flashing firmware.
Users must independently ensure they are using a legitimate STM32CubeMX installation and compatible build tools.
The skill has no declared source/homepage and does not declare the external binaries its instructions rely on, even though the workflow expects local STM32CubeMX and build tools.
Source: unknown Homepage: none Required binaries (all must exist): none
Install STM32CubeMX from STMicroelectronics or another trusted source, verify tool paths manually, and treat the skill as documentation rather than a vetted installer.