Skill v1.0.0
ClawScan security
Format Tool · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious (Apr 28, 2026, 4:53 PM)
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The code is a simple, local text formatter, but the runtime instructions (SKILL.md) claim features (column alignment, CSV/JSON support, flags like --align/--csv/--table) that the bundled script does not implement — a clear mismatch that could cause unexpected behavior.
- Guidance: Do not assume the SKILL.md features are implemented: the bundled script only performs simple text transforms (upper, lower, title, reverse, sort, unique, wrap, trim, remove-whitespace) and does not support column alignment, CSV/JSON parsing, or the flags shown in the README. Before installing or enabling: (1) run the included script in a safe sandbox to confirm its behavior (python3 scripts/format.py), (2) ask the author to reconcile SKILL.md with the actual implementation or provide an updated release, and (3) if you rely on the advertised CSV/JSON/column features, require that those be implemented and tested — otherwise the agent may fail or produce unexpected results when it tries to use nonexistent options.
Review Dimensions
- Purpose & Capability: concern. The name/description (format/beautify, column alignment, CSV/JSON support) partially matches the included script's basic text transforms (upper/lower/wrap/trim/etc.), but SKILL.md advertises column alignment, CSV/JSON parsing, and options (--align, --csv, --table) that are not present in scripts/format.py. The declared requirements (no env, no binaries) are proportional to the script, but the advertised capability set is overstated.
- Instruction Scope: concern. SKILL.md shows CLI usage and examples that call options/behaviors the script does not support. If an agent follows SKILL.md it may attempt to invoke flags/commands that will fail or be misinterpreted. The instructions do not direct any file access, environment reads, or network activity beyond the expected stdin/stdout, but they are inconsistent with the real runtime behavior.
- Install Mechanism: ok. No install spec (instruction-only skill) and a single local Python script included. No downloads, no external package installs, and nothing is written to disk by an installer — low install risk.
- Credentials: ok. No environment variables, credentials, or config paths are requested. The script does not access env vars or external services — the requested privileges are minimal and appropriate for a formatter.
- Persistence & Privilege: ok. The skill does not request always:true and defaults to normal invocation settings. It does not modify other skills or system configuration. No elevated persistence or privileges are requested.
