Ai Agent Tools
Pass. Audited by ClawScan on May 1, 2026.
Overview
This appears to be a straightforward Python utility library, with the main things to notice being broad local file access and user-directed unpinned GitHub installation steps.
This library looks consistent with its stated purpose. Before installing, verify the GitHub source if using the download commands, and if you expose the file helpers to an agent, restrict them to safe directories and require confirmation before overwriting important files.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent is allowed to call these helpers freely, it could read or overwrite local files that the current process can access.
The library exposes arbitrary filepath-based read and write helpers, including overwriting files. This is disclosed and central to the stated file-utility purpose, but wrappers should restrict paths or require confirmation for sensitive locations.
    def read_file(filepath: str) -> str:
        ... open(filepath, 'r' ...)

    def write_file(filepath: str, content: str) -> str:
        ... open(filepath, 'w' ...)
Use the file tools only in intended project directories, add allowlists or confirmations when exposing them to an autonomous agent, and avoid passing untrusted paths directly.
A future change in the referenced GitHub branch could differ from the reviewed artifact if the user installs directly from those commands.
The installation guidance pulls code from a mutable GitHub branch without a pinned commit or checksum. This is user-directed and normal for a small library, but users should verify the source before installing.
    wget https://raw.githubusercontent.com/cerbug45/ai-agent-tools/main/ai_agent_tools.py
    ...
    pip install git+https://github.com/cerbug45/ai-agent-tools.git
Prefer the reviewed package contents or pin a specific commit/hash when downloading from GitHub.
Sensitive or untrusted session data stored in memory could influence later agent behavior within the same run.
The memory helper stores arbitrary key/value data during execution. It is only in-process and not persisted or transmitted, but agents may later reuse whatever is stored there.
    class MemoryTools:
        ...
        self.memory: Dict[str, Any] = {}
        ...
        def store(self, key: str, value: Any) -> str:
            self.memory[key] = value

Avoid storing secrets or untrusted instructions in MemoryTools unless the surrounding agent workflow clearly controls how that memory is later used.
