Cold Chain Risk Calculator
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a small local calculator with no credential, network, persistence, or destructive behavior, but its documentation does not fully match the bundled script’s scoring and output.
This skill appears safe from an agent-security perspective, but use it only as a rough calculator. Check the actual script output and scoring logic before using results for cold-chain operations, QA records, or regulated decisions.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may expect a structured QA-style JSON report and documented thresholds, but the script may return different plain-text results and a different risk level.
The documentation describes JSON output and one scoring model, while the included script prints plain text and uses different risk thresholds. This is not evidence of malicious behavior, but it could mislead a user or agent about what the tool actually produces.
SKILL.md: "The script outputs a structured JSON object" and "Risk levels: Low (< 15), Medium (15–30), High (> 30)"; scripts/main.py: "print(f\"Route: {route}\")" and "if risk < 10: ... elif risk < 20:"Treat the calculator as a simple illustrative tool until the documentation and code are aligned; verify formulas and thresholds before relying on it for operational or regulatory decisions.