Skill v1.0.0

ClawScan security

Fmt Tool · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 28, 2026, 4:52 PM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's code does reflow text (matching the stated purpose) but the runtime instructions (SKILL.md) claim CLI options and behavior the included script does not implement, so the package is internally inconsistent.
Guidance
This package is small and not obviously malicious, but it is inconsistent: SKILL.md promises CLI flags, multi-file support, and a default width of 75, while scripts/fmt.py only implements a simple positional interface and defaults to width 80. Before installing or invoking it in automation: (1) review or run the script on a harmless test file to confirm behavior; (2) fix or request the author to implement proper CLI parsing (argparse) or update SKILL.md to match the actual interface; (3) avoid running it on sensitive files until you confirm it behaves as expected. If you need the documented features (-w, -u, -s, multiple files), prefer a version that implements them or patch the script yourself.
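Guidance item (2) asks for proper CLI parsing so that the script matches what SKILL.md documents. The following is an added example of such a script, not the skill's own scripts/fmt.py: it implements the documented contract (-w, -u, -s, several files, default width 75) with argparse, so an invocation like `-w 80 file` is parsed as a width and a file rather than as a filename '-w'. The page does not define what -u and -s do, so the example assumes the meanings those flags have in fmt(1): -u normalises inter-word spacing to one space, -s splits long lines without joining short ones.

```python
"""Reflow text with the interface SKILL.md documents for Fmt Tool.

Added example, not the skill's scripts/fmt.py. It implements what SKILL.md
promises (-w/-u/-s, several files, default width 75) with argparse.
Assumption: the page does not define -u and -s, so they get their fmt(1)
meanings here (-u: one space between words; -s: split long lines only,
never join short ones).
"""
import argparse
import re
import sys
import textwrap

DEFAULT_WIDTH = 75  # width SKILL.md documents; the bundled script defaults to 80


def reflow(text, width=DEFAULT_WIDTH, uniform=False, split_only=False):
    """Reflow text paragraph by paragraph; blank lines separate paragraphs."""
    if not text.strip():
        return ""
    paragraphs = []
    for para in re.split(r"\n[ \t]*\n", text.strip("\n")):
        if uniform:
            # -u (assumed meaning): textwrap keeps runs of spaces, so collapse
            # them explicitly before wrapping.
            para = "\n".join(" ".join(line.split()) for line in para.splitlines())
        if split_only:
            # -s (assumed meaning): keep existing line breaks and only break
            # lines that exceed the width.
            lines = []
            for line in para.splitlines():
                lines.extend(textwrap.wrap(line, width=width) if len(line) > width else [line])
            paragraphs.append("\n".join(lines))
        else:
            # Default: join the paragraph's lines and refill them to the width.
            paragraphs.append(textwrap.fill(para, width=width))
    return "\n\n".join(paragraphs) + "\n"


def parse_args(argv):
    """Parse the documented flags; argparse rejects '-w abc' and unknown flags."""
    parser = argparse.ArgumentParser(prog="fmt", description="Reflow text to a given width.")
    parser.add_argument("-w", "--width", type=int, default=DEFAULT_WIDTH,
                        help="maximum line width (default: %(default)s)")
    parser.add_argument("-u", "--uniform-spacing", action="store_true",
                        help="use one space between words")
    parser.add_argument("-s", "--split-only", action="store_true",
                        help="split long lines but do not join short ones")
    parser.add_argument("files", nargs="*", help="input files; stdin if omitted")
    args = parser.parse_args(argv)
    if args.width < 1:
        parser.error("width must be a positive integer")
    return args


def run(argv, stdin_text=None):
    """Run the CLI on argv and return the output instead of printing it.

    stdin_text stands in for sys.stdin so behaviour can be checked without a
    terminal. Files are opened exactly as named, the same caveat the review
    raises about the bundled script: do not point it at files whose contents
    you would not want read and echoed back.
    """
    args = parse_args(argv)
    opts = dict(width=args.width, uniform=args.uniform_spacing, split_only=args.split_only)
    if not args.files:
        text = stdin_text if stdin_text is not None else sys.stdin.read()
        return reflow(text, **opts)
    # Each file is reflowed on its own so paragraphs never merge across files.
    out = []
    for name in args.files:
        with open(name, encoding="utf-8") as fh:
            out.append(reflow(fh.read(), **opts))
    return "".join(out)


if __name__ == "__main__":
    sys.stdout.write(run(sys.argv[1:]))
```

Running it on a harmless test file, as guidance item (1) suggests, is a one-liner: `python fmt.py -w 40 -u test.txt`. The same invocation against the bundled script is the quickest way to see the documented and actual interfaces diverge.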

Review Dimensions

Purpose & Capability
note: The description (text reformatting/reflow) matches what scripts/fmt.py actually does: it reads a file or stdin and calls textwrap.fill. However, SKILL.md documents options (-w, -u, -s), multiple files, and a default width of 75, none of which the script implements. The core capability is coherent, but the user-facing contract is inaccurate.
Instruction Scope
concern: SKILL.md instructs use of flags (-w, -u, -s) and multiple file arguments. The script ignores flags and accepts only an optional single filename as argv[1] and a width as argv[2] (positional integer). This mismatch produces unexpected behavior: a user following the documentation with '-w 80 file' gets a script that tries to open a file literally named '-w', takes 80 as the width, and never touches the real file. The script also calls open(sys.argv[1]) on whatever path is supplied, which is expected for a formatter but worth keeping in mind before pointing it at sensitive files.
Install Mechanism
ok: Instruction-only install: no install spec and no external downloads. The script is included in the bundle and is small and readable; no high-risk installers or remote fetches are present.
Credentials
ok: The skill requests no environment variables, no credentials, and no config paths. The script performs only local file/stdin reads and text reflow; credentials or extra environment access are not required.
Persistence & Privilege
ok: The skill does not request always:true and has no special persistence or system-wide changes. It does not modify other skills or global agent settings.