Sort

Review

Audited by ClawScan on May 10, 2026.

Overview

This is mostly a local sorting utility, but its jq-missing JSON fallback builds Python source text from user-supplied arguments (a code-injection risk), and it keeps a local history log of processed file paths.

Review the JSON fallback before using this skill with untrusted keys or filenames, or ensure jq is installed so the safer jq path is used. Also remember that processed file paths are logged under ~/.local/share/sort/history.log.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent runs the JSON sort command with an attacker-influenced key or file path while jq is unavailable, the script can execute arbitrary Python under the user's account instead of only sorting JSON.

Why it was flagged

In the jq-missing fallback, user-controlled file and key values are interpolated into the Python source string instead of being passed as data. The shell's double quotes do not help: the values are substituted before the interpreter sees the program, so a single quote inside a key or path ends the Python string literal and whatever follows is parsed and executed as code under the user's account.

Skill content

python3 -c " ... with open('${file}') as f: ... data.sort(key=lambda x: x.get('${key}', '')) ... "

Recommendation

Change the fallback to keep the Python program constant and pass file and key through sys.argv or environment variables, so the interpreter only ever sees them as values; validate JSON keys; and never build executable code from unescaped user input. The jq path already avoids this, which is why it is the safer one.
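The pattern the finding describes, as an added example that is not the skill's own code: the vulnerable fallback reconstructed from the quoted fragment, a fixed version that hands file and key to Python as argv data, and a jq variant that does the same with --arg. Function names are illustrative (the review does not give the skill's real command names), and the sample JSON in the usage note is constructed.

```bash
#!/usr/bin/env bash
# Added example (not the skill's own code): the jq-missing fallback as the
# review describes it, beside a fixed version. Function names are assumed.

# Vulnerable: ${file} and ${key} are spliced into Python source text. The
# shell's double quotes protect nothing here; Python parses the expanded
# string, so a single quote inside a value ends the literal and whatever
# follows it is executed as code.
sort_json_vulnerable() {
  file="$1"; key="$2"
  python3 -c "
import json
with open('${file}') as f:
    data = json.load(f)
data.sort(key=lambda x: x.get('${key}', ''))
print(json.dumps(data))
"
}

# Fixed: the Python text is a single-quoted constant; file and key arrive in
# sys.argv (argv[0] is '-c') and are only ever used as values. The input
# shape is checked so an unexpected document fails with a message rather
# than a traceback.
sort_json_safe() {
  file="$1"; key="$2"
  python3 -c '
import json, sys
path, key = sys.argv[1], sys.argv[2]
if not key:
    sys.exit("sort: empty key")
with open(path) as f:
    data = json.load(f)
if not isinstance(data, list) or not all(isinstance(x, dict) for x in data):
    sys.exit("sort: expected a JSON array of objects")
data.sort(key=lambda x: x.get(key, ""))
print(json.dumps(data))
' "$file" "$key"
}

# The jq path: --arg binds the key to a jq variable, so it is data, never
# program text. Not exercised below because jq may be absent, which is
# exactly the condition that triggers the Python fallback.
sort_json_jq() {
  jq --arg k "$2" 'sort_by(.[$k])' "$1"
}
```

With a file containing `[{"name":"b"},{"name":"a"}]` (constructed input), `sort_json_safe in.json name` prints the array sorted by name, while a key such as `', '')) ; print("INJECTED") #` makes `sort_json_vulnerable` print INJECTED before the data, because the key closed the `x.get(` call and the `sort(` call and appended a statement. The same key given to `sort_json_safe` is simply a lookup that matches nothing, so the input order is preserved and nothing else runs.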

What this means

Local history can reveal which files were processed and what operations were run.

Why it was flagged

The script persists operation details locally, and the detail field is built from command arguments, including file paths in the form file=${file}. SKILL.md also discloses this history log.

Skill content

DATA_DIR="${HOME}/.local/share/sort"; HISTORY_FILE="${DATA_DIR}/history.log"; echo "$(date -u '+%Y-%m-%dT%H:%M:%SZ') ${op} ${detail}" >> "${HISTORY_FILE}"

Recommendation

Treat the history file as local audit data, avoid sensitive filenames when possible, and consider adding an opt-out or cleanup command.
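One way to act on that recommendation, as an added example rather than code from the skill: a logger that keeps the same line format (UTC timestamp, operation, detail) but records a short fingerprint of the path instead of the path itself, honors an opt-out variable, and offers a cleanup command. SORT_DATA_DIR and SORT_NO_HISTORY are assumed variable names; the skill itself defines neither.

```bash
#!/usr/bin/env bash
# Added example (not the skill's own code): history logging without raw
# file paths, with an opt-out and a cleanup command. SORT_DATA_DIR and
# SORT_NO_HISTORY are assumed names.

history_file() {
  printf '%s/history.log' "${SORT_DATA_DIR:-${HOME}/.local/share/sort}"
}

# First 12 hex chars of SHA-256 of the path: stable, so a reviewer can see
# that the same file was processed twice, but the log never contains the
# filename. Falls back to shasum on systems without coreutils sha256sum.
path_digest() {
  if command -v sha256sum >/dev/null 2>&1; then
    printf '%s' "$1" | sha256sum | cut -c1-12
  else
    printf '%s' "$1" | shasum -a 256 | cut -c1-12
  fi
}

# log_history OP PATH: append "<utc-time> <op> <digest>" unless opted out.
log_history() {
  if [ -n "${SORT_NO_HISTORY:-}" ]; then
    return 0
  fi
  f="$(history_file)"
  mkdir -p "$(dirname "$f")"
  printf '%s %s %s\n' "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$1" "$(path_digest "$2")" >> "$f"
}

# history_clear: the cleanup command the recommendation asks for.
history_clear() {
  rm -f "$(history_file)"
}
```

A digest rather than a basename is deliberate: a basename such as payroll-2026.json still discloses what was processed, while the digest only lets two log lines be matched to the same file.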

What this means

The skill may fail or use fallback code paths depending on what local tools are installed.

Why it was flagged

The skill documents runtime tool expectations, while the registry metadata says no required binaries. This is a dependency declaration gap rather than evidence of hidden installation behavior.

Skill content

## Requirements

- python3
- jq (optional)

Recommendation

Declare required and optional binaries consistently in the registry metadata, especially because which binaries are present decides whether the safer jq path or the code-building Python fallback runs.