Skillv1.0.0

ClawScan security

Groups Tool · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousApr 28, 2026, 9:06 PM

Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary: The skill's description and documentation promise a CLI that lists all groups (current or specified user, with options), but the included script is a minimal one-liner that only prints supplementary groups for the current login user and does not implement the documented CLI or options.
Guidance: This skill's documentation describes a full CLI that shows all groups for a specified user and supports options, but the included script is much more limited: it only prints supplementary groups for the current login user and does not implement username arguments or the -id option. It's not malicious, but it's inconsistent and likely non-functional for the documented use-cases. Before installing or trusting this skill: 1) ask the publisher for a corrected implementation that supports username argument, numeric ID option, and includes the primary group; 2) inspect or run the script in a safe/test environment (note os.getlogin() can fail in non-interactive contexts); 3) prefer an implementation that uses pwd.getpwuid(os.getuid()) for the current user and checks primary group via grp.getgrgid(), and that has CLI parsing. If you need the documented features, do not rely on the current package as-is.

Review Dimensions

Purpose & Capability: concernSKILL.md claims a full CLI (groups-tool [options] [username], -id option, ability to query another user, and mentions primary and supplementary groups). The bundled script (scripts/groups.py) only checks grp.getgrall() and prints group names where os.getlogin() appears in gr_mem — i.e., it only finds supplementary groups for the current login user. It does not accept a username argument, does not implement -id, and does not include the primary group (gid) lookup. This is a mismatch between claimed capability and actual implementation.
Instruction Scope: concernSKILL.md instructs running a CLI with options and querying /etc/group; the script does read the group database via the grp module (consistent with reading /etc/group) but the runtime instructions expect behavior the code does not provide. The script only prints supplementary groups for the login user, and uses os.getlogin(), which may fail in non-interactive contexts. There is no instruction to handle failures or to accept alternate usernames, so agent runtime behavior could be surprising or non-functional.
Install Mechanism: okNo install spec and only a small local script are included. Nothing is downloaded or written at install time — lowest install risk.
Credentials: okNo environment variables, credentials, or external endpoints are requested. The skill reads the system group database only, which is appropriate for its stated purpose.
Persistence & Privilege: okalways is false, model invocation is allowed (default). The skill does not request persistent system presence or modify other skill/system configurations. No elevated privileges are requested.