Skill v1.0.0
ClawScan security
TypeScript Package Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 1:10 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's files, instructions, and included scripts are consistent with a TypeScript package-manager helper; nothing appears intentionally misleading, but the runtime guidance includes commands that execute shell installers and spawn processes which you should review before running.
- Guidance: This skill appears to do what it claims: documentation, templates, and helper scripts for managing TypeScript package managers. Before you run any of the suggested commands or bundled scripts, review them carefully: they call out to the system shell (child_process.execSync) and recommend commands that download and run remote installers (e.g., curl | bash). If you plan to execute migration/install steps, prefer installing from trusted package sources, inspect remote install scripts first, run in an isolated environment or container, and avoid pasting or piping installers into a shell on a production machine. Also avoid entering registry tokens into commands unless you understand where they're stored. If you need higher assurance, request the exact runtime behavior or run the helper scripts in a sandbox to inspect their network and file activity.
Review Dimensions
- Purpose & Capability (ok): The name/description (TypeScript package-manager expertise) matches the provided assets: guides for npm/yarn/pnpm/bun/deno, templates, and helper scripts (bun-workflow.js, npm-workflow.js, health-check.js). The included JS helpers and docs are appropriate for the stated purpose.
- Instruction Scope (concern): SKILL.md and the included workflow files instruct running CLI commands and provide migration steps that include executing network installers (e.g., curl -fsSL https://bun.sh/install | bash) and other shell commands. While expected for tooling setup, these instructions allow arbitrary remote code execution if run without inspection; the agent's runtime instructions should not be executed blindly.
- Install Mechanism (note): There is no install spec for the skill itself (instruction-only), so nothing will be written to disk by an installer. However, documentation and scripts advise downloading and running external installers (bun.sh). The URLs used (bun.sh) are the official project site, but piping remote scripts into a shell is inherently risky and should be reviewed before running.
- Credentials (ok): The skill declares no required environment variables or credentials. Some example templates and commented snippets reference tokens (e.g., $NPM_TOKEN) in typical registry configuration contexts, but the skill does not demand secrets at install time.
- Persistence & Privilege (ok): The skill is not marked always:true and does not request system-wide configuration or to persist credentials for other skills. It is user-invocable and allows autonomous invocation (default), which is expected for skills.
