Skill v1.0.0
ClawScan security
Hex Tool · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 28, 2026, 9:05 PM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill claims bidirectional hex/format conversions and CLI options, but the included script only reads a file/stdin and prints its hexadecimal representation — a clear mismatch between documentation and implementation.
- Guidance: This skill is not obviously malicious, but it is misleading: the documentation promises encode/decode and conversion options that are not implemented in the shipped script. If you need decode or base conversion functionality, do not rely on this skill as-is. Review or replace scripts/hex.py before use (or use standard tools like xxd/hexdump or a well-known library). Also note the script will read any file path you give and print its hex to stdout — avoid using it on sensitive files unless you control where stdout goes and how results are handled.
Review Dimensions
- Purpose & Capability: concern. The name and SKILL.md promise encoding, decoding, and base-to-base conversions (examples: --encode, --decode, --from, --to). The included script (scripts/hex.py) only reads a file or stdin and prints data.hex() (hex encoding). It does not implement decoding or any base conversions, so the requested capabilities are not present.
- Instruction Scope: concern. SKILL.md instructs use of many CLI options and example workflows that don't map to the script. The script's behavior (read file or stdin, output hex) is narrow and consistent with a hex dumper, but the documentation grants broader authority/expectation. The script does read arbitrary files/stdin — expected for this tool — but there are no instructions to access external endpoints or secrets.
- Install Mechanism: ok. No install spec and only a tiny Python script are included. No downloads, package installs, or extract steps are present.
- Credentials: ok. No environment variables, credentials, or config paths are required or referenced.
- Persistence & Privilege: ok. Default runtime flags (always: false, agent invocation allowed) are used. There is no request for permanent presence or modification of other skills/config.
