Skill v1.0.2
ClawScan security
Guitar Chord · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 16, 2026, 3:35 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely matches its stated purpose (chord lookups) but the included Python script calls an external build/runtime (cargo run) in a hardcoded user path without declaring that dependency, and the code contains some bugs/unreachable code — this mismatch and the subprocess use deserve caution.
- Guidance: This skill appears to implement the advertised chord features, but exercise caution before running it as-is. The bundled script will attempt to execute 'cargo run' in ~/workspace/ascii_chord to produce ASCII diagrams — that runs code from that local directory (if present) and requires Rust/Cargo to be installed, yet the README/SKILL.md doesn't mention this dependency. Recommendations:
  - Inspect the full script (already included) and remove or sandbox the get_ascii_chord call if you don't want any subprocess builds/executables run.
  - If you need diagrams, install and review the ascii_chord project in a controlled location you trust, or modify the script to call a packaged binary you vet.
  - Be aware the script has identifiable bugs/unreachable code; test in an isolated environment before giving it broad use.
  If you want to proceed, ask the author to document the cargo/local-project requirement or provide a pure-Python diagram fallback.
Review Dimensions
- Purpose & Capability (note): Name/description (guitar chord toolkit) aligns with the provided code and SKILL.md: the Python script implements forward/reverse lookup, scales, inversions, and diagram support. However, the script attempts to call an external ascii_chord tool via 'cargo run' in ~/workspace/ascii_chord to produce diagrams; SKILL.md does not document this dependency or the requirement for cargo/a local project, so there is a proportionality/documentation mismatch.
- Instruction Scope (concern): SKILL.md instructs the agent to run the included Python script (expected). The script, however, accesses the user's home directory (os.path.expanduser('~') → ~/workspace/ascii_chord) and runs subprocess.run(['cargo','run','--','get',chord_name], cwd=cwd), executing code found in that local directory if present. SKILL.md does not disclose this filesystem access or the execution of a separate tool. The script also contains coding errors/unreachable blocks (e.g., a return in normalize_note followed by code that will never run), indicating sloppy implementation that may cause unexpected behavior.
- Install Mechanism (ok): No install spec — instruction-only skill with a bundled script. That is low-risk relative to download-and-extract installs. The only install-like behavior is reliance on an external tool (cargo), which is not declared.
- Credentials (note): The skill declares no env vars or credentials (good). The script reads the user's home path and attempts to run a local program under ~/workspace/ascii_chord. Accessing the home directory for a local diagram tool is plausible for diagram support, but it should be documented; running code from a hardcoded user path without explicit permission is disproportionate to the stated simple chord lookup capability.
- Persistence & Privilege (ok): No elevated privileges requested, always:false, and no persistent modifications are declared. The skill does not request to be always-enabled, nor does it modify other skills or system-wide config.
