Traceroute Tool
PassAudited by ClawScan on May 5, 2026.
Overview
This appears to be a simple traceroute wrapper for network diagnostics, with minor notes about local command execution and an undeclared traceroute dependency.
This skill looks safe for its stated purpose. Before installing, be aware that it can run traceroute from your machine and send diagnostic probes to a destination host, so only use it for authorized network troubleshooting and ensure your local traceroute binary is trusted.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill can send diagnostic network traffic to external hosts and may reveal that the user's machine or network contacted those destinations.
The skill runs the local traceroute command against a user-supplied host, which is expected for network path diagnostics but still performs outbound network probing.
subprocess.run(['traceroute', host])
Use it only for hosts you are authorized to diagnose, and review the destination before allowing the agent to run it.
The skill may fail or behave differently depending on which traceroute implementation is installed locally.
The metadata does not declare any required binary, while the script relies on the system traceroute command. This is an installation/provenance clarity issue, not evidence of malicious behavior.
Required binaries (all must exist): none; Required binaries (at least one): none
Confirm that a trusted traceroute binary is installed on the system before using the skill.