Skillv1.0.0

ClawScan security

Nc Tool · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

SuspiciousApr 29, 2026, 8:05 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The package claims a full netcat-like utility (TCP/UDP, listen mode, port scanning) but the included code is a tiny one-shot TCP connector that does not implement the advertised features — this mismatch is suspicious and should be clarified before use.
Guidance: The skill's documentation promises many netcat features but the actual code only opens a single TCP connection and then exits. This is likely an incomplete or mispackaged tool rather than overtly malicious, but you should: (1) ask the publisher to explain or provide the real implementation for the advertised features; (2) review and test the script in an isolated environment (sandbox) before running it on sensitive systems; (3) avoid running it as a privileged user; and (4) be aware that any tool which opens network connections can be abused for scanning or exfiltration — only use against hosts you control or have permission to test. If you need full netcat functionality, prefer a well-known implementation (e.g., the system's nc/netcat) or a reviewed package.

Purpose & Capability: concernThe skill's name and SKILL.md describe a full-featured netcat (TCP/UDP, listen mode, port scanning, piping), but the only code (scripts/nc.py) only accepts two args, opens a single TCP connection, prints a message, and closes. The declared capability set is disproportionate to the actual code.
Instruction Scope: concernSKILL.md shows command-line options and examples for behaviors (e.g., -l, -p, -z, UDP, piping) that the script does not implement. The instructions therefore mislead the agent/operator about what will happen at runtime; they do not request extra env or file access, but they grant the agent discretion to run unsupported options.
Install Mechanism: okThis is an instruction-only skill with a small included script and no install spec, no downloads, and no external packages — minimal installation risk.
Credentials: okNo environment variables, credentials, or config paths are required or requested, which is proportional to the simple script included. There is no evidence of hidden credential access.
Persistence & Privilege: okThe skill does not force always-on inclusion and does not request elevated persistence or system-wide configuration changes.