skill-graph-for-analogical-reasoning
Pass
Audited by ClawScan on May 11, 2026.
Overview
This appears to be a local skill-indexing tool, but it runs bundled Python and saves an index/HTML view of local skill files, so use it only on skill folders you intend to index.
This skill looks benign and purpose-aligned for local skill graph retrieval. Before installing, be aware that it executes Python, scans the SKILL.md folders you provide, and writes graph/HTML files that may reveal local skill metadata. Use trusted source folders and avoid untrusted local grap-skill executables on PATH.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill can execute its bundled Python code on local files you point it at.
The skill intentionally runs a local Python helper to implement its graph commands. This is disclosed and aligned with the skill's purpose.
This skill is allowed to call code. The `python3 {baseDir}/scripts/run_grap_skill.py ...` commands below are the stable execution entrypoints
Run it only from a trusted installed skill bundle and review command arguments before building or rendering a graph.
If a different local grap-skill package or executable is installed, it may be used instead of the reviewed bundled code after a bundled failure.
If the bundled import/execution path raises an exception, the wrapper can fall back to an installed Python module or a grap-skill executable found on PATH.
except Exception:
    pass
module_command = [sys.executable, "-m", "auto_grap_skill", *sys.argv[1:]]
...
command = shutil.which("grap-skill")
Prefer the bundled helper path, keep local PATH entries trusted, and avoid relying on an unknown external grap-skill executable.
Generated graph files may store local skill names, descriptions, paths, and other metadata, and untrusted skill files could influence later retrieval results.
The build command creates persistent graph data from local skill instructions and metadata, which later query results can use to choose primary and supporting skills.
recursively scans `SKILL.md` and `skill.md` ... persists both a `similarity` view and a `complementarity` view into `graph.json`
Build graphs only from skill folders you intend to index, rebuild after removing untrusted skills, and avoid sharing graph or HTML outputs if they reveal private workspace structure.
