API Changelog Generator
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
The skill is purpose-aligned, but its diff command builds executable Python code from unescaped file paths, which could let crafted paths run code on the user’s machine.
Review this skill before installing. Its purpose is reasonable, but the shown diff command should be fixed before use on untrusted paths or repositories. Prefer a version that passes filenames as arguments to Python instead of embedding them into executable code.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent runs this command on a maliciously named or untrusted spec file path, it could execute unintended local code rather than only reading the API spec.
The command places user-provided file path strings directly inside executable Python source. A crafted path containing a quote and Python syntax could break out of the string and execute arbitrary Python under the user’s account.
OLD_SPEC="${1:?Usage: diff <old-spec> <new-spec>}" ... python3 -c " ... old = load_spec('$OLD_SPEC') ... new = load_spec('$NEW_SPEC') ... " 2>/dev/nullRewrite the command to pass paths through argv, for example `python3 - "$OLD_SPEC" "$NEW_SPEC" <<'PY'` and read `sys.argv`, or otherwise safely quote/escape paths before execution. Avoid running it on untrusted filenames until fixed.
The command may fail or behave differently depending on the user’s local Python environment and installed packages.
The instruction-only skill relies on local Python and optionally PyYAML, while the registry metadata declares no required binaries or install spec. This appears purpose-aligned, but users may not realize the runtime dependency is external to the reviewed package.
python3 -c " ... import yaml ... except ImportError: print(f'Warning: PyYAML not installed, trying JSON parse') ... "
Document python3 and optional PyYAML requirements in metadata or provide a safer, reviewed helper script with pinned dependencies.