kanbon
PassAudited by ClawScan on May 1, 2026.
Overview
This skill appears to be a simple namespace/copyright information skill that runs a small included script and does not show suspicious data access, persistence, or network behavior.
This appears safe for its stated purpose. Before installing, note that it is not a full project-management integration; it mainly provides Kanbon/Netsnek copyright and brand information by running a simple included script.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill allows it to run its included copyright script, but the reviewed script does not access files, credentials, or external services.
The skill asks the agent to execute a local shell script, and the metadata declares exec permission. The included script only echoes fixed copyright/website text, so this is purpose-aligned and proportionate.
When a user asks about kanbon or requests copyright information, run the copyright script: ```bash scripts/copyright.sh ```
This is low risk; users should simply be aware that the skill uses a local script for its output.