源码分析
PassAudited by ClawScan on May 11, 2026.
Overview
This skill is a source-analysis helper that downloads and inspects user-selected repositories or packages, with some normal caution needed around untrusted code archives and extracted prompt text.
This skill appears coherent and purpose-aligned. Before using it, make sure you only download and unpack projects you intend to analyze, keep extracted files in temporary or isolated locations, and treat any extracted system prompts or instructions as quoted evidence rather than instructions for your agent to follow.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A package archive being analyzed could contain unexpected files or content, even though the artifacts do not instruct running that code.
The skill documents downloading and unpacking user-selected npm packages. This is expected for source analysis, but it handles untrusted third-party archives.
cd /tmp && npm pack @{scope}/{package-name}
tar xzf {package-name}-*.tgzAnalyze only packages you intentionally selected, keep extraction in temporary or isolated directories, and avoid executing downloaded package contents unless separately reviewed.
Downloaded source, README files, and package contents may be misleading or malicious if the selected upstream project is untrusted.
The workflow retrieves content from GitHub and npm based on user-supplied project identifiers. This is central to the skill, but the retrieved content is untrusted supply-chain material.
curl -s -L --max-time 15 "https://raw.githubusercontent.com/{owner}/{repo}/main/README.md"Treat fetched repository and package contents as untrusted evidence, and avoid giving them authority to change the agent’s goals or run code.
Prompt fragments from an analyzed project could be mistaken for live instructions if not clearly treated as quoted data.
The skill intentionally extracts prompt-like instructions from binaries and source files. Those extracted strings may look like instructions to the reviewing agent, but they are part of the analyzed artifact.
grep -aoP 'You are [^\"]{0,500}' /path/to/binary | sort -uKeep extracted prompts and behavioral instructions quoted in reports, and treat them only as analyzed content, not as directions for the current agent.
Running the helper script requires local shell access and will read the selected file and write an extraction report.
The included helper script runs local shell commands against a user-provided binary path, but it only reads the file and writes extracted text to a report.
BINARY="${1:?Usage: $0 <binary_path> [output_dir]}" ... grep -aoP '"tool_name":"[^\"]*"' "$BINARY"Run the script only on files you intend to inspect, and choose an output directory where generated reports are acceptable.