manipulation-detector
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI04: Agentic Supply Chain VulnerabilitiesWhat this means
Users need Python available for the examples to work.
Why it was flagged
The skill's usage depends on python3, while the registry requirements declare no required binaries. This is a metadata completeness gap, but the dependency is expected for the included script and does not indicate hidden behavior.
Skill content
echo "Your text here" | python3 scripts/detect.py
Recommendation
Declare python3 as a required binary in the skill metadata, or make clear that it is an expected local prerequisite.