ClawHub

LYGO-MINT Verifier

PassAudited by ClawScan on May 1, 2026.

Overview

This is a local hash-and-ledger helper with no credential or network behavior shown, but it depends on local helper scripts outside the provided package and keeps persistent ledger records.

This skill appears suitable for local verification of non-secret prompt packs. Before installing or using it, make sure the missing `tools/lygo_mint` helper scripts in your workspace are trusted, and treat the generated `state/` ledger files as records that may disclose filenames, pack names, versions, and posting links.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence
ASI04: Agentic Supply Chain Vulnerabilities
What this means

Running the mint command may execute local helper code from the workspace, so the exact canonicalization and hashing behavior depends on that local file.

Why it was flagged

The main minting behavior is delegated to a local workspace helper under `tools/lygo_mint`, which is not included in the provided file manifest. The dependency is disclosed and purpose-aligned, but the behavior depends on code outside the reviewed package.

Skill content
mint_tool = ROOT / "tools" / "lygo_mint" / "mint_pack.py"
...
proc = run_py(mint_tool, [str(pack_path), "--version", args.version, "--champion", args.champion or "", "--anchor", args.anchor or ""])
Recommendation

Before use, review or install `tools/lygo_mint/mint_pack.py` and `tools/lygo_mint/canonicalize_ledger.py` from a trusted source, and run the skill only on non-secret packs.

NoteHigh Confidence
ASI06: Memory and Context Poisoning
What this means

If the `state/` ledger files are shared, committed, or synced, they may reveal which packs were minted and where they were anchored.

Why it was flagged

The script persists ledger entries containing the local pack path and user-supplied metadata. This is expected for receipts, but it can retain potentially sensitive filenames, titles, or anchor identifiers.

Skill content
minted.update({
    "pack_path": str(pack_path),
    "pack_version": args.version,
    "champion": args.champion,
    "anchor": args.anchor,
    "minted_at_utc": utc_now(),
    "kind": "mint",
})
...
with LEDGER.open("a", encoding="utf-8") as f:
Recommendation

Use the skill only with non-secret prompt packs, keep the `state/` ledger files private unless intentionally publishing them, and avoid putting sensitive information in pack paths, titles, champion names, or anchor fields.