Clawzempic

The skill is classified as suspicious due to its use of SSH for remote execution and the `--dir` argument allowing arbitrary path specification for auditing. While these capabilities are explicitly documented and intended for legitimate auditing purposes, they represent powerful functions that, if misused (e.g., via prompt injection against the agent to provide a malicious remote host or directory path), could lead to unauthorized remote command execution or arbitrary file access. The `lean-audit.sh` script quotes the `$REMOTE` variable in the `ssh` command, mitigating direct shell injection into the `ssh` command itself, and the `lean-report.py` script is read-only, only printing fix suggestions rather than executing them. However, the inherent power of these operations warrants a 'suspicious' classification as a vulnerability risk, not as intentional malware.