tldr
PassAudited by ClawScan on May 1, 2026.
Overview
This is a simple instruction-only helper for using the local tldr command, with only minor provenance notes.
This skill appears safe for ordinary use as a tldr documentation helper. Before installing, make sure the `tldr` command on your system comes from a trusted source, and be aware that the registry and bundled metadata do not fully match.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the local tldr client is untrusted or outdated, the agent may show incorrect command examples or rely on an unsafe local tool.
The skill does not install or bundle code, but it relies on whichever `tldr` binary is already present locally. This is central to the skill purpose, but users should ensure that binary came from a trusted source.
Source: unknown; Homepage: none; Required binaries (all must exist): tldr; No install spec — this is an instruction-only skill.
Install `tldr` from a trusted package manager or official project source before using this skill.
The skill identity information is not fully consistent, so users may have less assurance about packaging lineage.
These packaged metadata values differ from the supplied registry metadata for owner, slug, and version. With no executable code present this is not a behavioral concern, but it is a provenance/packaging inconsistency.
"ownerId": "kn70v8jresmqyagktg0erwmp217z59ky", "slug": "tldr", "version": "1.0.1"
Prefer a registry entry with consistent owner, slug, version, and source metadata if provenance matters for your environment.