Skill v1.0.1

ClawScan security

qrcode · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 12, 2026, 6:23 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, files, and runtime instructions are consistent with its stated purpose (local QR code generation/decoding); no hidden endpoints or unrelated credentials are requested.
Guidance
This skill appears to do exactly what it says: local QR generation and decoding with both Python and Node.js script implementations. Before installing or allowing the agent to run it, consider: (1) the skill will attempt to auto-install Python/npm dependencies (network access and possible native builds); you may prefer to install dependencies manually so you can review them first; (2) batch-decode will, by default, write results back into the original CSV/XLSX file—make a backup if you need the originals preserved; (3) when decoding URLs the skill will download the remote image to a temp file (expected behavior); verify you trust the image sources; (4) if you have restricted environments, run the scripts in a sandbox or inspect the scripts themselves (they are included) before execution. The only minor oddity is a version mismatch between package.json and the registry metadata, which is likely benign but worth checking.

Review Dimensions

Purpose & Capability
ok
Name/description (generate & decode QR codes) match the included scripts (generate/decode and batch variants in Python & Node). Dependencies listed (qrcode, zxingcpp, qr-scanner-wechat, etc.) are appropriate for the functions. Minor metadata inconsistency: package.json lists version 2.0.0 while registry metadata shows 1.0.1 (likely packaging/version drift, not malicious).
Instruction Scope
note
SKILL.md instructs the agent to run the included scripts and to download remote images only when given an image URL, which matches the code. Two noteworthy operational behaviors: (1) the skill auto-installs dependencies without prompting the user (pip install -r requirements.txt or npm install), and (2) batch decode will write results back into the original CSV/XLSX file by default (modifies user files). Both behaviors are documented in SKILL.md but merit user awareness.
Install Mechanism
note
There is no platform-level install spec; installation is performed at runtime by running pip/npm as described in SKILL.md. That is expected for an instruction+script skill, but it means packages will be fetched from PyPI/npm (network and native build steps may occur). The requirement zxingcpp (Python) may require native build tooling on some systems.
Credentials
ok
The skill requests no environment variables, credentials, or config paths. It only performs file I/O, temporary downloads of user-provided image URLs, and dependency installs, all coherent with its purpose.
Persistence & Privilege
ok
Skill flags are default (always: false, user-invocable: true, autonomous invocation allowed). The skill does not request permanent platform-wide privileges or modify other skills' configs. It will create temp files and may overwrite input files for batch decode (documented).