jaen
PassAudited by ClawScan on May 1, 2026.
Overview
This skill appears benign: it only provides Jaen/Netsnek copyright and brand information through a small included shell script.
This skill is low risk based on the provided artifacts. It runs a small Bash script to print Jaen/Netsnek copyright information; verify publisher provenance if the brand/namespace claim matters to you.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill allows the agent to run this included script when responding to Jaen-related requests.
The skill asks the agent to execute a local shell script. This is disclosed and purpose-aligned, and the script content is limited to printing copyright/website text.
When a user asks about jaen or requests copyright information, run the copyright script: scripts/copyright.sh
Acceptable for this skill’s purpose; users who restrict local command execution should note that it uses exec permission.
Users have less external provenance information for the publisher/package, but the visible artifact behavior is simple and coherent.
The registry metadata does not link a source repository or homepage, which limits provenance review, although the package has no install spec or external dependencies and the included files are consistent.
Source: unknown; Homepage: none
If publisher identity matters, verify the owner or Netsnek attribution before relying on the namespace claim.