Expanso json-pretty

Pass

Audited by ClawScan on May 1, 2026.

Overview

The skill appears to only format JSON, with minor setup and network-exposure considerations if you use the Expanso runtime or server mode.

This looks like a straightforward JSON pretty-printer. Before installing, make sure you trust the Expanso tooling, review the optional cloud deployment URL before running it, and if you start the server mode, restrict it to trusted access rather than exposing it broadly.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing or deploying through external Expanso tooling means you rely on that tooling and remote pipeline location, even though this skill's included pipeline is simple.

Why it was flagged

The skill relies on an external runtime and includes an optional cloud deployment command using a remote pipeline URL. This is disclosed and aligned with the Expanso pipeline purpose, but users should trust the runtime and remote source before running those commands.

Skill content

Expanso Edge installed (`expanso-edge` binary in PATH) ... Install via: `clawhub install expanso-edge` ... `expanso-cli job deploy https://skills.expanso.io/json-pretty/pipeline-cli.yaml`

Recommendation

Use the included local pipeline when possible, install Expanso tooling only from trusted sources, and review the remote deployment target before running the cloud deploy command.

What this means

Other devices that can reach the host may be able to send JSON to the formatter if the port is exposed.

Why it was flagged

If the MCP/HTTP pipeline is started, it listens on all network interfaces and accepts POST requests to format JSON. The function is narrow, but the artifact does not show authentication or localhost-only binding.

Skill content

http:
    enabled: true
    address: "0.0.0.0:${PORT:-8080}"
...
input:
    http_server:
      path: /format
      allowed_verbs: [POST]

Recommendation

Run the server mode only on trusted networks, prefer a localhost binding or firewall restriction if available, and avoid sending sensitive JSON through an exposed endpoint.