Chord Analyzer

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to perform local audio chord analysis as described, with the main caveat that it asks the user to install unpinned Python audio-analysis packages.

This skill looks coherent for local chord analysis. Before using it, install the Python packages in an isolated environment if possible, and edit the script's audio_path so it analyzes only the file you intend.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Installing these dependencies can modify the user's Python environment and pull code from external package repositories.

Why it was flagged

The skill asks the user to install several third-party Python packages without pinned versions. This is expected for audio analysis, but it means the user is trusting packages resolved at install time.

Skill content

pip3 install librosa numpy scipy scikit-learn soundfile

Recommendation

Install the dependencies in a virtual environment and consider pinning trusted package versions if reproducibility or supply-chain control matters.