Attestation Root Diversity Analyzer
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears to be a focused, instruction-only analyzer for attestation trust-root concentration, with no evidence of harmful or overbroad behavior.
This looks safe to install as an instruction-only analysis skill. Before use, check any generated curl or python3 commands and provide only the attestation metadata or skill identifiers you intend to analyze.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may use local tools to retrieve or process attestation metadata, but the artifacts do not show unsafe command execution or broad system access.
The skill declares local command-line tools that an agent may use while performing the analysis. This is disclosed and fits the purpose, but users should be aware that curl can make network requests and python3 can run local calculations.
requires:\n bins: [curl, python3]
Use it with intended attestation metadata or public skill identifiers, and review any proposed curl or python3 command before allowing access to private files or sensitive URLs.