Skill v0.1.0
ClawScan security
EmoPAD Universe · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 9, 2026, 10:15 PM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely does what it claims (runs a local emotion PAD service and pops an image every 5 minutes), but it auto-installs packages, auto-starts background processes, and contains hard-coded display/Xauthority manipulations and process-killing behavior that are disproportionate or potentially intrusive.
- Guidance: This skill appears to implement the stated emotion-PAD functionality, but several behaviors are surprising and potentially intrusive: it will auto-install many pip packages, start a background service listening on localhost:8766, and run a periodic process that forcibly sets DISPLAY and XAUTHORITY (hard-coded to /run/user/1000/gdm/Xauthority) and may kill processes (pkill/taskkill). Before installing, consider: 1) Only install if you trust the author and code provenance (there is no homepage). 2) Inspect the code locally (especially the XAUTHORITY/DISPLAY lines and pkill usage). 3) Prefer running inside a confined environment (virtualenv, container, or VM) to avoid affecting other users or the host X session. 4) If you must run on a multi-user desktop, remove or modify the hard-coded XAUTHORITY/DISPLAY behavior and verify that popping windows is acceptable. 5) Be aware pip will download and execute many third-party packages — review required packages and pin versions if possible. If you want, I can point out the exact lines to change to avoid XAUTHORITY/DISPLAY overrides and to make auto-start optional.
Review Dimensions
- Purpose & Capability (note): Name/description align with included code: service to compute PAD from EEG/PPG/GSR and a periodic 'emoNebula' poster. Required hardware access (BLE, serial) and Python signal-processing packages match the stated functionality.
- Instruction Scope (concern): SKILL.md and install scripts instruct the agent to auto-install dependencies and automatically start a persistent service and a GUI popup process that runs every 5 minutes. The runtime code forcibly sets DISPLAY and XAUTHORITY to specific values (/run/user/1000/gdm/Xauthority) and uses pkill/taskkill to terminate processes — actions that go beyond merely reading sensors and producing charts and that could interact with another user's X session or kill unrelated processes.
- Install Mechanism (note): No archive downloads; dependencies are installed via pip (install.py invokes pip to install many packages). Installing many PyPI packages automatically is a moderate risk (network download and execution of third-party packages) but understandable for a heavy Python signal-processing tool.
- Credentials (concern): The skill requests no declared environment variables, but the code force-sets DISPLAY and XAUTHORITY to hard-coded values and writes/reads files under ~/.config/emopad and /run/user/1000/gdm/Xauthority. Hard-coded XAUTHORITY and DISPLAY values are not justified by the SKILL.md and can grant the skill access to an X server belonging to another user or require elevated access.
- Persistence & Privilege (note): The skill auto-starts services and spawns a long-running background process that displays periodic GUI popups; auto-start behavior is declared in SKILL.md/skill.json. It is not marked always:true (so not force-included in every agent run), but it does persistently run after installation and install.py will start it automatically.
