Grokipedia
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Search terms and article lookups may be visible to Grokipedia, but no credentials or local files are involved.
The skill discloses external network calls, and the included scripts use Grokipedia URLs for search and article fetching. This is purpose-aligned, but users should know queries are sent to that site.
**Network access:** Fetches from `grokipedia.com` only (search API + article pages)
Use it for public information lookups and avoid submitting sensitive private queries unless you are comfortable sending them to Grokipedia.
Installing the skill will fetch dependency code into the skill directory, so the effective codebase includes packages beyond the reviewed scripts.
The skill installs third-party packages with semver ranges. That is normal for this parser, but it means installed dependency versions may vary, and the registry metadata under-declares the install/runtime requirements.
"install": "bun install --production" ... "dependencies": { "jsdom": "^24.0.0", "@mozilla/readability": "^0.5.0" }Install from a trusted package source and consider using a lockfile or pinned dependency versions if you need reproducible installs.