Transparency Log Auditor
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only auditor appears read-only and purpose-aligned, with minor notes that it may query registry URLs using local tools and has limited source provenance.
This looks safe to use as a read-only transparency-log audit helper. Before installing, note that it may query registry URLs using local tools, so provide only targets you intend to audit, and be aware that the registry metadata does not include a source repository or homepage.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may contact registry URLs you provide and use local tools to produce the audit report.
The skill declares local command-line tools that could be used to query or verify registry data. This is expected for a transparency-log audit, but it means the agent may make network requests or run local verification commands as part of the workflow.
requires:\n bins: [curl, python3]
Use this with intended public registry URLs or records, and avoid pointing it at sensitive internal endpoints unless that is explicitly your goal.
You have less external context about who maintains the skill, although the provided artifacts are instruction-only.
The skill has no executable install payload, but the publisher/source provenance is limited, so users cannot independently inspect a project homepage or source repository from the metadata.
Source: unknown Homepage: none No install spec — this is an instruction-only skill.
Review the SKILL.md instructions before use and prefer known or verifiable sources for security-sensitive audit tooling.