v1.0.0

Pwd Tool

BenignClawScan verdict for this skill. Analyzed Apr 30, 2026, 10:10 PM.

Analysis

This skill only prints the current working directory path, with no credentials, network access, install steps, or suspicious code shown.

GuidanceThis appears safe for its stated purpose: it prints the current working directory. Be aware that the displayed path may reveal local project or username information if you share the output, and consider the limited source provenance if your workflow requires verified publishers.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none

The package has limited provenance information. This is only a note because the provided artifact set is tiny, includes the full script, has no install spec, and declares no dependencies or remote sources.

User impactUsers have less external provenance information about who maintains the skill, but the included code is simple and directly matches the stated purpose.

RecommendationReview the provided SKILL.md and scripts/pwd.py before use, especially if your environment requires verified source provenance.