Cancorteaw App
Review
Audited by ClawScan on May 10, 2026.
Overview
The app-building workflow is plausible, but the skill's main action runs a local shell script that is not included in the submission, so its safety claims cannot be verified from the submitted artifacts.
Review /home/patron/apps/_bin/appctl before installing or invoking this skill. Confirm it really restricts work to /home/patron/apps, validates arguments, and only runs the documented Expo commands. Also be aware that it may run npm/Expo tooling and leave a local preview process running until you stop it.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill may cause the agent to run whatever script exists at /home/patron/apps/_bin/appctl on the host, which could behave differently from the documentation.
The skill’s primary execution target is a local script outside the submitted package. No appctl source or install spec is provided, so the reviewer cannot verify the claimed allowlist or path restrictions.
`"entrypoint": { "type": "shell", "command": "/home/patron/apps/_bin/appctl", "args": [ "{{args}}" ] }`
Include the appctl source in the skill package or provide a pinned, auditable install method/checksum; users should inspect that script before enabling the skill.
If the local runner is not strict, agent-supplied arguments could lead to commands or file changes beyond the intended Expo workflow.
The skill frames the runner as controlled, but the included artifacts do not show the enforcement logic. The stated allowlist also includes bash, python3, and npx, each of which can run arbitrary code, so an allowlist of those tools restricts very little unless the arguments passed to them are also constrained.
The runner is **allowlisted**: only `node`, `npm`, `npx`, `git`, `bash`, `python3` can be invoked.
Verify that appctl validates subcommands, project names, paths, environment variables, and child commands before use; prefer explicit allowlisted argument parsing in reviewed code.
Creating or previewing apps may run npm/Expo tooling on the local machine.
npx-based Expo scaffolding can download and execute npm tooling. This is expected for an Expo app-builder skill and is disclosed, but it is still code execution from the npm ecosystem.
Uses `npx create-expo-app` in non-interactive mode
Use only in the intended workspace, consider pinning package versions, and avoid running it on sensitive projects without reviewing the npm tooling.
A local Expo preview server may keep running, using a port and system resources after the command finishes.
The preview command creates a long-running local process and stores its pid. This persistence is disclosed and purpose-aligned, but it remains active until stopped.
Writes pid to: `/home/patron/apps/_state/<name>.pid` ... To stop preview: `kill $(cat /home/patron/apps/_state/<name>.pid)`
Stop previews when done and consider adding a documented `stop` command rather than relying on manual kill commands.
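To make the second and fourth findings concrete, here is an added example of an allowlisting runner with the checks this review asks appctl to enforce. It is not the skill's /home/patron/apps/_bin/appctl (whose source was not provided) and not ClawScan's code. The workspace path and the `_state/<name>.pid` file follow the findings above; the preview port, the create-expo-app flags, the `CI=1` environment, the dry-run switch and the `stop` subcommand are assumptions made for the example.

```shell
#!/bin/sh
# Illustrative allowlisting runner with the checks this review asks appctl to enforce.
# Added example for the review, not the skill's /home/patron/apps/_bin/appctl (whose
# source was not provided). Layout follows the review; the preview port, the
# create-expo-app flags, CI=1 and the 'stop' subcommand are assumptions.
set -eu

APPCTL_BASE="${APPCTL_BASE:-/home/patron/apps}"    # workspace named in the review
APPCTL_PORT="${APPCTL_PORT:-8081}"                  # assumed Expo preview port
APPCTL_CEA_VERSION="${APPCTL_CEA_VERSION:-latest}"  # pin to a reviewed version in real use
APPCTL_DRY_RUN="${APPCTL_DRY_RUN:-0}"               # 1: print commands, run a stand-in child

usage() { echo "usage: appctl create|preview|stop <name>" >&2; return 2; }

# Project names: 1-40 chars of [a-z0-9-], not starting with '-'. No '/', '..', spaces,
# globs or option-looking values, so "$APPCTL_BASE/$name" cannot leave the workspace.
appctl_valid_name() {
  case "$1" in ''|-*|*[!a-z0-9-]*) return 1 ;; esac
  [ "${#1}" -le 40 ]
}

# Print the project directory; refuse it if its physical path (symlinks resolved)
# lies outside the workspace.
appctl_project_dir() {
  appctl_valid_name "$1" || { echo "appctl: invalid project name" >&2; return 1; }
  dir="$APPCTL_BASE/$1"
  if [ -d "$dir" ]; then
    base=$(cd -P -- "$APPCTL_BASE" && pwd -P) || return 1
    real=$(cd -P -- "$dir" && pwd -P) || return 1
    case "$real" in "$base"/*) ;; *) echo "appctl: $dir escapes workspace" >&2; return 1 ;; esac
  fi
  printf '%s\n' "$dir"
}

# Run one fixed argv under a minimal environment; arguments are never re-parsed by a shell.
appctl_exec() {
  if [ "$APPCTL_DRY_RUN" = 1 ]; then printf 'would run:'; printf ' %s' "$@"; echo; return 0; fi
  env -i PATH="$PATH" HOME="${HOME:-/tmp}" CI=1 "$@"   # CI=1 keeps npm/Expo prompts off (assumed)
}

appctl_main() {
  [ $# -eq 2 ] || { usage; return 2; }
  cmd=$1; name=$2
  dir=$(appctl_project_dir "$name") || return 1
  state="$APPCTL_BASE/_state"; pidfile="$state/$name.pid"
  case "$cmd" in
    create)
      [ ! -e "$dir" ] || { echo "appctl: $dir already exists" >&2; return 1; }
      # Non-interactive scaffold; the --yes flag is assumed from create-expo-app's CLI.
      (cd -- "$APPCTL_BASE" && appctl_exec npx --yes "create-expo-app@$APPCTL_CEA_VERSION" "$name" --yes)
      ;;
    preview)
      [ -d "$dir" ] || { echo "appctl: no such project $name" >&2; return 1; }
      mkdir -p "$state"
      if [ -f "$pidfile" ] && kill -0 "$(cat "$pidfile")" 2>/dev/null; then
        echo "appctl: preview for $name already running" >&2; return 1
      fi
      if [ "$APPCTL_DRY_RUN" = 1 ]; then
        (cd -- "$dir" && exec sleep 300) &    # stand-in child so the pid bookkeeping is exercised
      else
        (cd -- "$dir" && exec env -i PATH="$PATH" HOME="${HOME:-/tmp}" CI=1 \
          npx expo start --port "$APPCTL_PORT") >"$state/$name.log" 2>&1 &
      fi
      echo $! >"$pidfile"
      ;;
    stop)
      [ -f "$pidfile" ] || { echo "appctl: no preview recorded for $name" >&2; return 1; }
      pid=$(cat "$pidfile")
      # Never kill whatever a tampered pid file names: digits only, and not pid 0/1.
      case "$pid" in ''|*[!0-9]*) rm -f "$pidfile"; echo "appctl: corrupt pid file" >&2; return 1 ;; esac
      [ "$pid" -gt 1 ] || { rm -f "$pidfile"; return 1; }
      kill "$pid" 2>/dev/null || true
      wait "$pid" 2>/dev/null || true        # reaps the child when this shell started it
      rm -f "$pidfile"
      ;;
    *) usage ;;
  esac
}
```

A deployed script would end with `appctl_main "$@"`. With `APPCTL_DRY_RUN=1` it prints the command it would run instead of invoking npx, so the name checks, the symlink containment check and the pid bookkeeping can be exercised without network access. The point of the fixed argv in each branch is that agent-supplied text only ever becomes a validated project name, never part of a shell string.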
