Swelist
PassAudited by ClawScan on May 1, 2026.
Overview
Swelist appears to be a straightforward read-only CLI for fetching public job postings, with the main consideration being that it installs an external PyPI package.
Before installing, confirm that you trust the PyPI package 'swelist'. Expect the tool to use internet access to fetch public job listings, but the artifacts do not indicate credential use, local persistence, or data modification.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill will place an external command-line tool on the system, so a compromised or changed package could affect what runs.
The skill installs and runs an external PyPI-distributed CLI package. This is purpose-aligned, but it means trust depends on the package provenance and update path rather than only the reviewed SKILL.md.
uv | package: swelist | creates binaries: swelist
Install only if you trust the PyPI package and maintainer; consider pinning or verifying the package version in controlled environments.