critical
suspicious.dynamic_code_execution
- Location
- scripts/runner.mjs:169
- Finding
- Dynamic code execution detected.
skill everyday
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.dynamic_code_execution
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI02: Tool Misuse and ExploitationWhat this means
Running the skill will contact Clawhub/Convex and create or overwrite local report/state files under the skill's data directory.
Why it was flagged
The runner drives a browser to fetch public Clawhub data and writes a local report. This is central to the stated purpose, but users should notice the external requests and local file creation.
Skill content
await page.route('https://wry-manatee-359.convex.cloud/api/query', async (route) => { ... }); await page.goto('https://clawhub.ai/skills', gotoOpts); ... fs.writeFileSync(reportPath, report);Recommendation
Run it only from the intended skill directory, review generated reports before sharing them, and sanitize slugs if adapting the script to less trusted data sources.
NoteHigh Confidence
ASI04: Agentic Supply Chain VulnerabilitiesWhat this means
Installing the skill as documented may download npm packages and a Chromium browser build.
Why it was flagged
The skill depends on Playwright from npm with a version range. This is expected for browser scraping but introduces normal package/browser supply-chain considerations.
Skill content
"dependencies": { "playwright": "^1.49.0" }Recommendation
Install from trusted registries, consider pinning or locking dependency versions, and review npm/Playwright installation prompts in managed environments.
NoteHigh Confidence
ASI06: Memory and Context PoisoningWhat this means
Local reports may persist public Clawhub content plus local path/file-name metadata, which could matter if the report is later shared or reused as agent context.
Why it was flagged
The skill stores reports and an analyzed list locally; reports may also include a local skill directory path and file names when a matching directory exists.
Skill content
localFilesNote = `\n### 本地技能目录\n\n\`${targetSkillDir}\`...`; ... fs.writeFileSync(latestPath, report); ... fs.writeFileSync(ANALYZED_FILE, JSON.stringify(analyzedData, null, 2));Recommendation
Inspect reports before sharing, and delete the data directory if you do not want the skill to retain prior analysis state.