
ClawScan security

Component Library Audit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 1:12 AM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions match its stated purpose (auditing component libraries) and request no credentials or installs, but the runtime shell checks are fragile (depend on ripgrep, POSIX tools, and may mishandle filenames) and some claimed checks (accessibility) are not visible in the provided excerpt.
Guidance
This skill appears to do what it says: it runs local shell searches to audit a component library and requests no secrets. Before installing/using it, be aware that:
- The scripts require ripgrep (rg) and standard POSIX tools (find, awk, sed, grep, wc). If rg is missing, the commands will fail.
- The shell loops are line-based and may mis-handle filenames with spaces or newlines; run it in a clean repository or a copy/CI job, not directly on sensitive production directories.
- Some claimed checks (accessibility) are not visible in the provided excerpt; verify the full SKILL.md or test it on a small repo to confirm behavior.
- It will read files under the repository tree (code, docs, tests); do not run it in directories containing secrets or unrelated projects.
If you want higher confidence: request the full SKILL.md (untruncated), ask whether there are fallbacks if ripgrep is absent, and test the skill in an isolated environment or container first.

Review Dimensions

Purpose & Capability
ok: The name/description (audit React/Vue/Svelte component libraries for unused components, prop inconsistencies, docs, and tests) aligns with the SKILL.md: discovery, unused-component detection, docs checks, prop consistency heuristics, and test detection are implemented. The description mentions accessibility issues but the provided instructions do not show concrete accessibility checks (the SKILL.md appears truncated), which is an inconsistency to note.
Instruction Scope
note: All runtime instructions are local file-system code searches and analyses (find, rg, awk, sed, wc, etc.) limited to the repository tree (explicitly excluding node_modules, dist, build). The skill does not request or use external credentials or network calls in the visible instructions. However, the shell scripts assume a POSIX environment, the presence of 'rg' (ripgrep) and other utilities, and use line-based 'while read' loops which can mishandle files with spaces or newlines; these are implementation fragilities rather than scope creep.
Install Mechanism
ok: There is no install spec (instruction-only), so nothing will be written to disk by an installer. This is low-risk from an install-mechanism perspective. Note: the instructions depend on external binaries (e.g., rg) that are not declared or installed by the skill.
Credentials
ok: The skill declares no required environment variables, no credentials, and no config paths. The instructions operate only on repository files; there is no unjustified request for secrets or unrelated service credentials.
Persistence & Privilege
ok: always:false is set and no install/persistence behavior is present. disable-model-invocation is false (normal), which allows autonomous invocation but is the platform default and not by itself a red flag. The skill does not attempt to modify other skills or system-wide configs in the visible instructions.