Delta Disclosure Auditor
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears to be a purpose-aligned, instruction-only auditor for checking update transparency, with no credential use, persistence, or mutation behavior shown.
This looks safe to use for update-disclosure auditing. Before installing, note that it may query registry endpoints using curl/python3, and verify the publisher/provenance because no homepage or source repository is provided.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may cause the agent to fetch registry or version data from endpoints the user provides.
The skill may use local command-line tools to query a user-provided registry endpoint. This is expected for an update-transparency auditor, but it still means the agent could make network requests during use.
requires:\n bins: [curl, python3] ... Input: Provide one of: ... A registry endpoint to assess delta disclosure infrastructure
Provide only registry endpoints or skill identifiers you intend to audit, and avoid asking it to query untrusted internal or sensitive URLs.
Users have less external context for verifying the publisher or project history, though no unsafe install behavior is shown.
The package has limited external provenance information, but the artifacts do not include executable code, install scripts, or hidden helpers.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Review the registry owner, version history, and SKILL.md content before relying on the auditor's recommendations.