find-skills-combo

Advisory

Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

This is an artifact-based, informational review of SKILL.md, the skill metadata, install specs, static-scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes, so nothing below reflects observed behaviour, only what the files declare.

What this means

If the raw file contains characters that change how text is displayed, a user or agent could see or interpret the skill instructions differently than intended.

Why it was flagged

Invisible Unicode control and format characters can make the raw instruction text render differently from what a reviewer or user expects. The neutralized artifact does not show a malicious payload, but hidden formatting serves no purpose in a skill description and is not aligned with the skill's stated function.

Skill content

Pre-scan injection signals: unicode-control-chars; controlCharactersRemoved: 4

Recommendation

Inspect the raw SKILL.md (for example as a hex dump, or by scanning for characters in the Unicode Cc and Cf categories rather than trusting a rendered view), remove all invisible control characters, and reinstall only after confirming that the visible instructions match the raw contents.
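The check above, as an added example that is not part of this advisory or of the find-skills-combo skill: it scans a SKILL.md for characters in the Unicode control (Cc) and format (Cf) categories, reports each one with its line and column, and strips them so that the text a reviewer sees is the text the agent parses. The sample SKILL.md is constructed for the example and carries four hidden characters (a BOM, a zero-width space inside a command, and a right-to-left override pair), matching the count the scan reported; the real skill's hidden characters are not known from this page.

```python
"""Scan a SKILL.md for invisible Unicode control/format characters and
strip them, so the reviewed text is the text the agent actually parses."""
import unicodedata
from typing import List, Tuple

# Unicode general categories with no glyph of their own: Cc (control)
# and Cf (format). Cf includes the zero-width space/joiner, the bidi
# overrides (U+202E RLO and friends), the BOM (U+FEFF) and the soft hyphen.
INVISIBLE_CATEGORIES = {"Cc", "Cf"}
# Plain whitespace that any Markdown file legitimately contains.
ALLOWED_CONTROLS = {"\n", "\r", "\t"}


def find_invisible_chars(text: str) -> List[Tuple[int, int, str, str]]:
    """Return (line, column, codepoint, name) for every invisible character.

    Lines and columns are 1-based so they can be quoted in a review note.
    """
    hits: List[Tuple[int, int, str, str]] = []
    line, col = 1, 1
    for ch in text:
        if ch not in ALLOWED_CONTROLS and unicodedata.category(ch) in INVISIBLE_CATEGORIES:
            hits.append((line, col, f"U+{ord(ch):04X}", unicodedata.name(ch, "<unnamed>")))
        if ch == "\n":
            line, col = line + 1, 1
        else:
            col += 1
    return hits


def strip_invisible_chars(text: str) -> Tuple[str, int]:
    """Return the text with invisible characters removed, plus how many went."""
    kept = [
        ch for ch in text
        if ch in ALLOWED_CONTROLS or unicodedata.category(ch) not in INVISIBLE_CATEGORIES
    ]
    return "".join(kept), len(text) - len(kept)


def clean_skill_file(path: str) -> int:
    """Rewrite a SKILL.md in place; return the number of characters removed."""
    with open(path, encoding="utf-8") as f:
        raw = f.read()
    cleaned, removed = strip_invisible_chars(raw)
    if removed:
        with open(path, "w", encoding="utf-8") as f:
            f.write(cleaned)
    return removed


# Constructed sample, not the real find-skills-combo SKILL.md: a BOM, a
# zero-width space hiding inside a command, and a right-to-left override
# pair that makes the rendered text read differently from the raw bytes.
SAMPLE_SKILL_MD = (
    "\ufeff# find-skills-combo\n"
    "Run `npx skills add <package>`\u200b to install a skill.\n"
    "\u202eRead this\u202c carefully before approving.\n"
    "Plain line with no hidden characters.\n"
)

if __name__ == "__main__":
    for line, col, cp, name in find_invisible_chars(SAMPLE_SKILL_MD):
        print(f"line {line} col {col}: {cp} {name}")
    cleaned, removed = strip_invisible_chars(SAMPLE_SKILL_MD)
    print(f"removed {removed} invisible characters")
    print(cleaned)
```

Run `find_invisible_chars` on the raw file first and keep its report: the positions tell you whether the characters sit inside a command (where a zero-width space can split a token the agent executes) or around prose (where a bidi override reorders what a human reads). Only strip once you understand what they were hiding, and diff the cleaned file against the rendered view before reinstalling.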

What this means

If used carelessly, the agent could persistently install or update skills, including more skills than the user intended.

Why it was flagged

These commands are related to the skill's purpose, but global installation (`-g`), skipped confirmation (`-y`), and updating every installed skill at once can modify the agent environment well beyond a simple recommendation.

Skill content

`npx skills add <package> -g -y` — Install globally, skip confirmation; `npx skills update` — Update all installed skills

Recommendation

Require explicit user approval before any install or update, avoid `-y` unless the user specifically requests it, and review each proposed skill before installation.

What this means

Installing recommended skills could bring in unreviewed third-party instructions or code.

Why it was flagged

The skill's intended function is discovering and installing third-party skills. That is purpose-aligned, but it carries the ordinary supply-chain risk of any external package: whatever the installed skill's instructions or code say, the agent will follow.

Skill content

`npx skills add <package>` — Install a skill from GitHub or other sources

Recommendation

Prefer well-known sources, review each package's provenance and the permissions it asks for, and install only the specific skills the user has approved.
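One way to enforce the recommendations of the two findings above (explicit approval before any install or update, no `-y` unless the user asked for it, only reviewed skills) is a deny-by-default gate that an agent harness runs on a proposed `npx skills` command before executing it. This is an added example, not code from this advisory, from ClawScan, or from the find-skills-combo skill. The subcommands and flags it recognises (`add`, `update`, `-g`, `-y`) are the ones the advisory quotes; the approved-package list and the package names are hypothetical, and the handling of bundled short flags such as `-gy` is an assumption made so the gate cannot be bypassed if the CLI happens to accept them.

```python
"""Pre-execution gate for `npx skills` commands proposed by an agent.

Deny by default: a command passes only when every package is on the
user's approved list, `-y` and a bare `update` carry explicit user
confirmation, and `-g` is never used.
"""
import shlex
from dataclasses import dataclass, field
from typing import List, Set


@dataclass
class Verdict:
    allowed: bool
    reasons: List[str] = field(default_factory=list)


def _expand_short_flags(args: List[str]) -> List[str]:
    """Treat bundled short flags such as `-gy` as `-g -y`.

    Assumption: it is unknown whether the CLI accepts bundled flags, so the
    gate assumes it might rather than let `-gy` slip past a literal check.
    """
    out: List[str] = []
    for arg in args:
        if len(arg) > 2 and arg[0] == "-" and arg[1] != "-":
            out.extend("-" + c for c in arg[1:])
        else:
            out.append(arg)
    return out


def check_skills_command(command: str, approved_packages: Set[str],
                         user_confirmed: bool = False) -> Verdict:
    """Decide whether the agent may run `command` without further approval."""
    try:
        argv = shlex.split(command)
    except ValueError as exc:
        return Verdict(False, [f"unparseable command: {exc}"])
    if argv[:2] != ["npx", "skills"]:
        return Verdict(False, ["not an `npx skills` command; this gate denies by default"])

    args = _expand_short_flags(argv[2:])
    flags = {a for a in args if a.startswith("-")}
    positionals = [a for a in args if not a.startswith("-")]
    subcommand = positionals[0] if positionals else None
    packages = positionals[1:]
    reasons: List[str] = []

    if "-g" in flags:
        reasons.append("-g installs globally and changes the agent environment for every project")
    if "-y" in flags and not user_confirmed:
        reasons.append("-y skips confirmation; allowed only when the user explicitly asked for it")

    if subcommand == "add":
        if not packages:
            reasons.append("add without a package name")
        for pkg in packages:
            if pkg not in approved_packages:
                reasons.append(f"{pkg!r} has not been reviewed and approved by the user")
    elif subcommand == "update":
        if not user_confirmed:
            reasons.append("update touches every installed skill; requires explicit user approval")
    else:
        reasons.append(f"unrecognised or missing subcommand {subcommand!r}")

    return Verdict(allowed=not reasons, reasons=reasons)


# Constructed inputs: the approved list and package names are hypothetical.
APPROVED = {"example-org/reviewed-skill"}

if __name__ == "__main__":
    for cmd in ["npx skills add example-org/reviewed-skill",
                "npx skills add example-org/reviewed-skill -gy",
                "npx skills add unknown-org/skill",
                "npx skills update"]:
        v = check_skills_command(cmd, APPROVED)
        print(f"{'ALLOW' if v.allowed else 'DENY '} {cmd}  {'; '.join(v.reasons)}")
```

The approved set is the review record: a package enters it only after a human has read its SKILL.md (cleaned of invisible characters, as in the first finding) and accepted what it asks the agent to do. Anything the parser does not recognise, including shell operators smuggled into the command string, lands in `positionals` and is denied as an unapproved package rather than silently passed through.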