Uuid Tool

Pass

Audited by ClawScan on May 9, 2026.

Overview

This appears to be a simple local UUID generator with no network, credential, or persistence behavior, though its documentation overstates some supported features.

This skill is safe to consider as a local UUID helper, but check the actual script options before using it because the documentation lists features that are not implemented. Avoid publishing UUID v1 values if timestamp or machine-identifying metadata would be sensitive, and keep bulk generation counts reasonable.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user or agent may try commands that do not work or assume the tool can perform checks that it cannot actually perform.

Why it was flagged

The documentation advertises v7, parse, nil, JSON, and command flags that are not implemented in scripts/genuuid.py, which only exposes --version choices [1, 4, 5] plus --name/--namespace formatting options. This is a trust and reliability issue, not evidence of malicious behavior.

Skill content

Supports time-based (v1, v7), random (v4), and namespace-based (v5) UUIDs ... Commands: --generate VERSION ... --parse UUID ... --nil ... --from-name TEXT

Recommendation

Verify the actual script options before relying on the documented examples, or update the documentation/script so the advertised features match the implementation.

What this means

If v1 UUIDs are shared publicly, they may reveal when they were generated and potentially identify the generating machine or node.

Why it was flagged

Python UUID v1 values can include timestamp and node-identifying metadata. The skill describes v1 as time-based but does not call out this privacy tradeoff.

Skill content

if version == 1:
    u = uuid_module.uuid1()

Recommendation

Use v4 or v7-style UUIDs for public identifiers when host/time metadata disclosure matters; if v1 is kept, document the privacy implication clearly.

What this means

An accidentally huge count could waste local CPU/time or produce excessive output.

Why it was flagged

The script accepts a user-controlled count and loops over that value without enforcing the SKILL.md-stated maximum of 1000 UUIDs.

Skill content

parser.add_argument('--count', '-n', type=int, default=1, help='Number of UUIDs to generate')

Recommendation

Add an explicit upper bound matching the documentation, and reject negative or excessively large values.