Meaningful-Code-Context-Scanner

VirusTotal audit pending.

Overview

No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone installing the skill must provide an API key; if mishandled, that key could be used to consume the user's API quota or access their service account.

Why it was flagged

The skill requires a hosted-service API key, which is expected for this integration but gives the agent delegated access to the user's Chunker account quota.

Skill content

All endpoints except `/health` and `/status` require an API key. ... Set your key as `CHUNKER_API_KEY` in your agent's environment.

Recommendation

Use a limited-purpose key, keep it out of logs and shared prompts, rotate it if exposed, and avoid using higher-privilege credentials than the skill needs.

What this means

Repository contents or code-derived metadata may be processed by an external service and reused for later queries in that scan/session.

Why it was flagged

The hosted service stores or derives reusable analysis context from code and can retain query context within a session. This is central to the skill, but users should consider confidentiality and retention for proprietary repositories.

Skill content

scans any codebase once, builds a semantic graph of all components and their relationships ... Pass a `session_id` to maintain context across related queries. The system remembers what you asked recently

Recommendation

Use the skill only with repositories you are allowed to share with the service, review the provider's retention/privacy terms, and self-host for sensitive private code if appropriate.