tool-call-retry
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill appears to be a transparent retry wrapper, but it can repeat whatever tool function it is given and can cache returned data in memory.
This skill looks acceptable for its stated purpose. Before installing, remember that it can retry any tool function it is given, so avoid using it for destructive, financial, public-posting, or account-changing actions unless those tools are idempotent and user-approved. Be mindful that cached results may remain in memory when idempotency keys are used.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used around actions like posting, purchasing, deleting, or updating records, retries could repeat the action unless the underlying tool is safe or idempotent.
The skill intentionally retries a caller-supplied function up to the configured retry limit. This is purpose-aligned, but repeated execution can duplicate side effects if the wrapped tool changes data or performs transactions.
for (let attempt = 0; attempt < maxRetries; attempt++) { ... const result = await toolFn(args);
Use this mainly for read-only or idempotent operations, set conservative retry limits, and require user confirmation before retrying high-impact mutating tools.
Sensitive results returned by a wrapped tool could remain available in memory for later calls using the same key during the runtime session.
Successful tool results can be stored in a module-level in-memory cache when an idempotency key is supplied. The cache has no visible TTL, size limit, or clearing behavior.
const idempotencyCache = new Map<string, any>(); ... idempotencyCache.set(idempotencyKey, result);
Avoid using idempotency keys for sensitive outputs unless the runtime boundary is trusted, and prefer unique keys that include the operation and arguments.
The skill relies on an external package source for validation code.
The skill depends on a remote Deno-hosted Zod module. The version is pinned and the dependency is visible, but there is no separate lockfile or integrity metadata in the provided artifacts.
import { z } from "https://deno.land/x/zod@v3.22.4/mod.ts";
Prefer reviewed or integrity-pinned dependencies where available, and ensure the runtime resolves the expected pinned package.
