Ifc Qto Extraction

Pass

Audited by VirusTotal on May 14, 2026.

Findings (1)

The skill is classified as suspicious due to significant command injection vulnerabilities. The Python implementation in `SKILL.md` calls `subprocess.run` with user-controlled `model_path` and `options` concatenated directly into the command list, which could be exploited if the external executables are vulnerable to argument injection. More critically, the `n8n Workflow Integration` section in `SKILL.md` demonstrates an `Execute Command` node that uses `"{{$json.model_path}}"` directly within a shell command string, making it highly vulnerable to classic shell injection if `$json.model_path` contains malicious commands. The skill requires `filesystem` permissions, which are declared in `claw.json` and consistent with its stated purpose. Even so, these vulnerabilities could allow an attacker to execute arbitrary commands on the host system, although the provided code shows no explicit malicious intent (e.g., data exfiltration or persistence).