计划验证器
Security checks across malware telemetry and agentic risk
Overview
This skill shows no credential, network, persistence, or high-impact system behavior, but its validation logic appears very lightweight and should not be treated as a strong safety gate.
This skill appears safe to install from a security-behavior perspective, but do not rely on it as a complete plan-safety validator. It does not actually verify real tool availability, permissions, dependencies, or execution feasibility in depth.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may make a plan appear validated even when it has not meaningfully checked feasibility, tools, permissions, or dependencies.
A function described as checking whether a plan is realistic returns success unconditionally, which is much weaker than the skill's advertised plan-validation role.
def check_reality(self, plan_data):
"""Check if plan is realistic"""
return {'realistic': True, 'confidence': 0.95}Use this as a lightweight checklist/helper only, and independently review important plans before execution.