Axioma Skill Evaluator
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
This skill is reasonable to use for local skill-quality checks, but run the Python scripts only on intended folders, verify Python/PyYAML availability, avoid the all-skills mode unless you understand its hard-coded path behavior, and manually review any generated approval result. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill executes local Python scripts that inspect files in the target skill directory.
The skill instructs the user or agent to run bundled local Python code against a skill path. This is expected for a skill evaluator, but it is still local code execution and file reading.
python3 evaluator.py <skill-path> --verbose --improve
Run it only on skill folders you intend to evaluate, and inspect the scripts first if you are using it in a sensitive workspace.
The skill may fail or behave differently depending on the local Python environment and installed packages.
The package includes runnable Python files, while the registry declares no install mechanism or required binaries. SKILL.md also documents Python/PyYAML expectations, so setup requirements are under-declared.
No install spec — this is an instruction-only skill.
The publisher should declare Python/PyYAML requirements clearly; users should verify dependencies before relying on automated evaluation results.
Using the all-skills mode may scan more skill files than the user intended, or may simply fail on systems without that path.
The script advertises an all-skills mode and hard-codes a local skills directory. This is not the main SKILL.md workflow, but it could read or report on a broader environment-specific skill tree if invoked.
python3 evaluator.py --all [--improve]; SKILL_DIR = Path("/media/ezekiel/Morgana/skills")Prefer explicit per-skill paths unless you have reviewed the all-skills behavior and confirmed the target directory.
Users might treat a flawed generated report as an authoritative publish/no-publish decision.
A bundled report shows an approval status that conflicts with its own score and threshold. This looks like a reporting-quality issue, but it could mislead users or agents into over-trusting an evaluation result.
Score: 64/100 🟠 NEEDS_WORK ... STATUS: ✅ APPROVED (score >= 70%)
Use the numeric score and detailed findings, not just the final status line, and validate important publishing decisions manually.