OpenScan
Warn. Audited by ClawScan on May 10, 2026.
Overview
OpenScan largely matches its stated scanning purpose, but on macOS it builds a shell command from the scanned file path, so a malicious filename could execute commands during a scan.
Use this only on narrowly selected paths and be especially cautious on macOS until the codesign invocation is changed to avoid shell interpolation. Also verify the package source before relying on it for security decisions.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Scanning a maliciously named executable or directory entry could run commands on the user's machine before the file has been trusted.
The scanned file path is placed directly into a shell command. On macOS, filenames containing shell substitutions or metacharacters could be interpreted by the shell when the scanner verifies signatures.
Evidence: execSync(`codesign --verify --deep --strict "${filePath}" 2>&1`, {
Recommendation: Replace shell execution with argument-based execution, such as execFileSync('codesign', ['--verify', '--deep', '--strict', filePath]), or otherwise avoid invoking a shell with untrusted paths.
Users may have less assurance that the reviewed package matches the advertised upstream project.
The registry does not provide a verified source for the skill, which matters because this skill is itself intended to make trust decisions about other binaries and scripts.
Source: unknown
Verify the homepage/repository and inspect the packaged files before using this as a security gate.
