Jsonlint

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The command may fail or rely on local tooling that was not fully declared in the registry metadata.

Why it was flagged

The skill depends on a local Python interpreter even though registry metadata declares no required binaries and no install spec. This is a disclosure/setup gap rather than evidence of malicious behavior.

Skill content

## Requirements

- `python3` (uses `json` stdlib module)

Recommendation

Declare python3 and the intended jsonlint command/script installation path in metadata or installation documentation.

What this means

It will read the JSON file paths passed to it and may print file contents, differences, or extracted values to the terminal.

Why it was flagged

The script executes local Python code to parse user-selected JSON files. This is central to the stated linting purpose and uses Python's standard json module, with no dynamic eval or network behavior shown.

Skill content

if result=$(python3 -c "
import json, sys
try:
    with open(sys.argv[1], 'r') as f:
        data = json.load(f)

Recommendation

Use it only on files you intend the agent or terminal session to inspect, especially if JSON files contain secrets or private configuration.