Shuf Tool
AdvisoryAudited by Static analysis on May 3, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The tool may fail for ordinary pasted text, ignore the documented options, or read a local file the user did not mean to process.
The implementation opens a filesystem path from argv[1], and if no argument is supplied it reads stdin and uses that text as a path instead of shuffling stdin lines. File input is purpose-aligned, but this makes the tool easier to invoke incorrectly and can read an unintended local file if the input text is a path.
lines=open(sys.argv[1] if len(sys.argv)>1 else sys.stdin.read()).readlines()
Use it only with explicit files you intend to read, and fix the wrapper to read stdin as data and properly parse the documented options before relying on it.