Name Analyzer
Security checks across malware telemetry and agentic risk
Overview
The artifacts show a simple local name-analysis tool; the main thing to notice is that its docs run a Python script even though the registry does not declare a Python requirement.
This skill appears safe and purpose-aligned for entertainment-style name analysis. Before installing, note that the documented script workflow requires Python even though the registry metadata does not declare it; otherwise, the artifacts do not show sensitive permissions, network access, credential handling, persistence, or destructive behavior.
VirusTotal
No VirusTotal findings
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the scripted workflow runs local Python code on the user's machine to analyze supplied names.
The documented workflow involves running the included local Python script. This is expected for the skill's stated purpose and the shown code has no network, shell, or file-write behavior, but users should know they are executing local code.
python3 scripts/name_analyzer.py analyze --name "张伟"
Run it only if you intend to use the script, and review the included source if your environment treats local code execution as sensitive.
Installation metadata may not warn users or automated installers that Python is needed for the documented script workflow.
The docs declare a Python runtime requirement, while the registry metadata says there are no required binaries and no install spec. This under-declaration is purpose-aligned and not suspicious, but it is a packaging/provenance detail users and maintainers should notice.
## 依赖 - Python 3.8+ - 无外部依赖
Declare `python3` or Python 3.8+ in the skill metadata, or keep the skill purely instruction-only without script-run examples.