China Industrial Machinery Factory
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI04: Agentic Supply Chain VulnerabilitiesWhat this means
You have limited information about who maintains the skill or where its data/code originates.
Why it was flagged
The bundled code and data have limited external provenance information. This is not suspicious by itself because the artifacts show no install scripts, dependencies, network calls, or privileged behavior, but users have less publisher context.
Skill content
Source: unknown; Homepage: none
Recommendation
Review the visible run.py and data.json before relying on it, and prefer a verified source or homepage if provenance matters.