Agent Architecture Patterns

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill is mostly an educational agent-pattern library, but a runnable ReAct example/test uses JavaScript eval for calculator input, which can execute arbitrary local code if reused with untrusted expressions.

This appears to be an educational pattern library rather than a credentialed or persistent integration. Before installing or running examples, be aware that the ReAct calculator example uses JavaScript eval; do not run or reuse it with untrusted input unless you replace it with a safe math parser. Also consider the lack of a verified source/homepage when deciding whether to trust updates.

Static analysis

Dynamic code execution

Critical

Finding: Dynamic code execution detected.

Dynamic code execution

Critical

Finding: Dynamic code execution detected.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#ASI05: Unexpected Code Execution

Medium

What this means

If a user runs or reuses this example with untrusted input, a crafted expression could access local files or run code with the user's local Node.js privileges.

Why it was flagged

The ReAct calculator tool runs a string supplied as a tool argument. In agentic use, that argument may be generated from user/model input, so it can execute arbitrary JavaScript in the Node.js process rather than only math.

Skill content

execute: async ({ expression }) => { ... const result = eval(expression);

Recommendation

Replace eval with a strict arithmetic expression parser or an allowlist of permitted operators, and do not expose this tool to untrusted or model-generated expressions.

#ASI04: Agentic Supply Chain Vulnerabilities

Low

What this means

It is harder for a user to verify the package origin, review upstream changes, or confirm maintainership.

Why it was flagged

The skill includes runnable code examples, but the registry metadata does not provide an authoritative source or homepage for independent verification.

Skill content

Source: unknown; Homepage: none

Recommendation

Review the included files before use and prefer installing skills that provide a verifiable source repository or homepage.