CORS Tester
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears to be a straightforward CORS testing helper that sends user-directed HTTP requests and prints CORS results or configuration snippets.
This looks safe for its stated purpose. Before installing or using it, confirm you have permission to test the target URLs, because the tool sends real network requests to them.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill against a URL will send real HTTP requests, including test Origin headers, to that server.
The script makes outbound HTTP requests to a user-supplied URL. This is central to CORS testing, but it means the skill can contact live services and generate server log entries.
req = urllib.request.Request(url, headers=headers, method=method) resp = urllib.request.urlopen(req, timeout=15)
Use it only with URLs you own or are authorized to test, and avoid placing secrets in URLs or custom headers.