Skill v1.0.0

ClawScan security

Join Tool · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 28, 2026, 10:22 PM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill's documentation describes a field-based, SQL-like join with options, but the included script only zips lines together — the declared capabilities do not match the actual implementation.
Guidance
This skill's documentation promises a field-aware join utility but the included script only concatenates corresponding lines from two files. That mismatch means you should not rely on it for real join semantics — it can produce incorrect results. Before installing or using it: (1) review and test scripts/join.py on non-sensitive sample data; (2) confirm whether the author intended this simplified behavior or whether the full implementation is missing; (3) if you need true JOIN behavior, use a well-known tool (e.g., Unix 'join', csvkit, or a scripting library) instead; (4) avoid running it on production or sensitive files until corrected. If the author provides an updated implementation that matches the SKILL.md, reassess — until then the skill is incoherent and potentially dangerous due to misleading behavior.

Review Dimensions

Purpose & Capability
Concern: The name/description and SKILL.md describe a text-file JOIN with field selection, separators, and options (-1, -2, -t, -a). The provided script (scripts/join.py) simply reads two files and concatenates corresponding lines (zip), with no support for fields, separators, options, sorting, or proper join semantics. This is a clear mismatch: the skill claims capabilities it does not implement.
Instruction Scope
Concern: SKILL.md instructs usage of a 'join-tool' with many options and examples implying complex behavior. The runtime artifact is a minimal script that ignores those options. The instructions thus overpromise and could cause users to run it expecting SQL-like joins; there is no guidance about limitations or fallback behavior.
Install Mechanism
Note: No install spec is provided (instruction-only), which is low-risk. However, a code file is bundled (scripts/join.py). The SKILL.md references an executable 'join-tool' while the repo contains 'join.py', another coherence problem but not an installation risk by itself.
Credentials
OK: No environment variables, credentials, or config paths are requested. The skill does not access network, secrets, or other system resources in the provided code.
Persistence & Privilege
OK: No special persistence or elevated privileges are requested (always: false). The skill is user-invocable and can be called autonomously (default), which is normal and not by itself concerning here.