critical
suspicious.dynamic_code_execution
- Location
- scripts/scan_skill.py:72
- Finding
- Dynamic code execution detected.
Clawhub Skill Scanner
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.dynamic_code_execution
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI01: Agent Goal HijackWhat this means
Skill installations may be delayed or blocked based on the scanner's result.
Why it was flagged
The skill instructs the agent to interpose this scanner on future install requests. This is expected for a security gatekeeper, but it can redirect the normal install flow.
Skill content
Security gatekeeper for skill installations. MANDATORY before installing any skill... Always run this BEFORE installation.
Recommendation
Use the scanner as a pre-install check, but keep explicit user approval for installing or blocking skills.
NoteHigh Confidence
ASI09: Human-Agent Trust ExploitationWhat this means
A false negative could lead a user or wrapper script to install a risky skill because the scan labeled it safe.
Why it was flagged
The documentation encourages auto-approval based on the scanner's heuristic score. The scanner's limits are partly disclosed, but 'safe' should not be treated as a guarantee.
Skill content
| 0-20 | 🟢 SAFE | Auto-approve |
Recommendation
Treat a clean scan as one signal, not a guarantee; manually review unfamiliar or high-privilege skills before installation.
NoteHigh Confidence
ASI04: Agentic Supply Chain VulnerabilitiesWhat this means
It is harder to independently verify or reproduce the scanner before trusting it as a security gate.
Why it was flagged
The registry metadata does not provide a source/homepage or declare Python as a runtime requirement, even though the docs instruct users to run a Python script.
Skill content
Source: unknown; Homepage: none; Required binaries (all must exist): none; No install spec — this is an instruction-only skill.
Recommendation
Verify the complete package contents and source repository before relying on this scanner for automated install decisions.