Pyx Scan

Audited by ClawScan on May 10, 2026.

Overview

This scanner skill is mostly coherent, but its curl fallback interpolates the requested skill name into a shell command without strict validation, so crafted input could be interpreted by the shell when that fallback runs.

Use only normal owner/name identifiers with this skill, and treat PYX results as advisory rather than absolute proof. The maintainer should harden or remove the Bash/curl fallback before users rely on it for untrusted inputs.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern, Medium Confidence
ASI02: Tool Misuse and Exploitation
What this means

A maliciously formatted skill name could potentially cause unintended local shell behavior if WebFetch fails and the curl fallback runs.

Why it was flagged

The skill accepts user-provided owner/name input but only documents minimal validation before interpolating it into a shell command. Crafted characters such as shell command substitutions or quote-breaking input could be interpreted by Bash if the fallback is used.

Skill content
allowed-tools: WebFetch, Bash(curl *) ... Trim whitespace. Reject if either part is empty ... curl -s "https://scanner.pyxmate.com/api/v1/check/{owner}/{name}"
Recommendation

Remove the Bash fallback or strictly allowlist expected owner/name characters, URL-encode path components, and avoid passing untrusted text through a shell.

What this means

A SAFE result could make users more willing to install a skill without doing additional review for sensitive use cases.

Why it was flagged

The report wording presents a third-party API result as 'verified safe.' This is aligned with the scanner purpose, but users may over-trust it as a guarantee rather than an external advisory.

Skill content
**Verdict: SAFE** — This skill has been scanned and verified safe. ... Use the JSON response fields to determine the verdict
Recommendation

Phrase results as 'PYX reports this skill as safe' and keep a reminder that high-impact skills may still warrant manual review.