v2.1.1

Risk Management Specialist

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:15 AM.

Analysis

This appears to be a purpose-aligned ISO 14971 risk-management reference skill with no evidence of credential use, network access, persistence, or unsafe automation.

GuidanceThis skill looks safe to install from an agent-security perspective. Treat its medical-device risk outputs as drafting support only, verify them with qualified risk-management and regulatory reviewers, and review the included Python calculator before running it.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none ... No install spec — this is an instruction-only skill ... 1 code file(s): scripts/risk_matrix_calculator.py

The skill includes a runnable helper script while the source and homepage are not identified. The shown script is purpose-aligned and the static scan is clean, so this is a provenance note rather than a security concern.

User impactIf you choose to run the bundled calculator, you are executing code from an unverified publisher, though the provided code appears limited to local risk-matrix and FMEA calculations.

RecommendationReview the helper script before running it and use it only for the stated calculation purpose; do not provide secrets or unrelated files to it.