Skill Safety Auditor
Security checks across malware telemetry and agentic risk
Overview
This is a coherent local skill-auditing tool, but users should treat scan output as sensitive and not rely on it as a complete security or CVE audit.
This skill appears safe to install for local, user-directed skill audits. Before using it, review the shell scripts, run them only against intended skill directories, keep scan output and audit reports private, and use additional professional tools for dependency/CVE and comprehensive security coverage.
VirusTotal
66/66 vendors reported this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If pointed at a broad or unintended directory, the scanner may read many local project files and report findings from them.
The full audit recursively scans a user-supplied local path with shell tools. This is central to the stated auditing purpose, but the path scope is controlled by the caller.
grep -rn -E "$pattern" "$TARGET_SKILL" ... ; find "$TARGET_SKILL" -type f -perm -002
Run it only on the specific skill directory you intend to audit and review the command path before execution.
Secrets found in a target skill could appear in terminal output, logs, or the agent conversation transcript.
The quick scan prints matching lines for potential secrets, which can include actual credential values if the scanned files contain them.
SECRETS=$(grep -rn -E "api[_-]?key.*=.*...|password.*=.*...|token.*=.*..." "$TARGET_SKILL" ...); ... echo "$SECRETS"
Treat scan output as sensitive, avoid sharing transcripts containing findings, and prefer redacted reports when scanning code that may contain real credentials.
Some features may fail or behave differently on systems without the expected Unix tools.
The scripts rely on local shell utilities such as jq, while the registry metadata declares no required binaries. No hidden remote dependency is shown, but runtime requirements are under-declared.
skill=$(jq -r '.skill' "$audit_file" 2>/dev/null || echo "unknown")
Confirm the scripts and required local utilities are available before relying on the skill; the package metadata should declare these requirements.
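The three mitigations above (pin the scan to one intended skill directory, keep credential values out of the report, and fail early when a required utility is missing) can be combined in a small wrapper. The following is an added example written for this review, not a script shipped with the skill: the function names, the requirement that the target contain a SKILL.md, the tightened credential regex and the [REDACTED] marker are all assumptions, and the sample skill directory it builds is constructed test input.

```shell
#!/usr/bin/env bash
# Added example wrapper around the quick-scan idea; not the skill's own code.
# Assumed conventions: a valid target contains SKILL.md, and redaction replaces
# the matched value with the literal string [REDACTED].

# Refuse to run unless every utility the scripts depend on is installed.
require_tools() {
  local missing=0 t
  for t in "$@"; do
    command -v "$t" >/dev/null 2>&1 || { echo "missing required tool: $t" >&2; missing=1; }
  done
  return "$missing"
}

# Resolve the target to a real directory and insist it looks like a skill, so a
# typo or an over-broad path such as "$HOME" is rejected before any grep runs.
validate_skill_dir() {
  local target="$1" resolved
  resolved=$(cd -- "$target" 2>/dev/null && pwd -P) \
    || { echo "not a directory: $target" >&2; return 1; }
  [ -f "$resolved/SKILL.md" ] \
    || { echo "no SKILL.md in $resolved; refusing to scan" >&2; return 1; }
  printf '%s\n' "$resolved"
}

# Report file, line and key name for credential-looking assignments, but mask the
# value so the finding can go into a report or transcript without leaking it.
scan_secrets_redacted() {
  local dir="$1"
  # -o prints only the matched fragment (key, separator, value), never the rest
  # of the source line; sed then replaces the value part with [REDACTED].
  grep -rn -o -E -i \
    '(api[_-]?key|password|token)[[:space:]]*[=:][[:space:]]*["'\'']?[^"'\''[:space:]]{6,}' \
    -- "$dir" |
  sed -E 's/^([^:]+:[0-9]+:[^=:]+[=:][[:space:]]*["'\'']?).*$/\1[REDACTED]/'
}

# Constructed sample input: a throwaway skill directory with two planted fake
# credentials and one harmless assignment. Prints the directory path.
make_sample_skill() {
  local d
  d=$(mktemp -d)
  printf 'name: demo\n' > "$d/SKILL.md"
  mkdir -p "$d/scripts"
  printf 'API_KEY = "sk_test_FAKE1234567890"\npassword: hunter2hunter2\nsafe = 1\n' \
    > "$d/scripts/run.sh"
  printf '%s\n' "$d"
}

# Usage: ./audit_wrapper.sh <skill-dir>   (runs only when a path is given)
if [ "$#" -gt 0 ]; then
  require_tools grep sed jq || exit 1
  target=$(validate_skill_dir "$1") || exit 1
  scan_secrets_redacted "$target"
fi
```

Against the constructed sample the wrapper prints two findings, `scripts/run.sh:1:API_KEY = "[REDACTED]` and `scripts/run.sh:2:password: [REDACTED]`, and rejects both a path without SKILL.md and a non-existent path. The key-name pattern is deliberately narrower than a bare `.*=.*` match so that ordinary assignments are not reported as secrets.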
A user could overestimate the completeness of the audit, especially for dependency vulnerabilities.
The documentation advertises known-CVE dependency checking, but the provided implementation appears limited to simple package-name pattern checks rather than a vulnerability database.
| `dependencies` | Known CVE vulnerabilities | High |
Use this as a lightweight static check, not as the sole pre-release security review; supplement it with dedicated dependency/CVE scanners.
