Security Sentinel Ultimate

PassAudited by ClawScan on May 10, 2026.

Overview

This skill appears to be a purpose-aligned local security scanner, with no artifact-backed evidence of hidden network access, credential theft, or destructive behavior.

This looks like a normal local code-scanning skill. Before installing, note that the provided scanner source is truncated in the review context, and only run it against directories you are comfortable having inspected and summarized.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low

#ASI02: Tool Misuse and Exploitation

What this means

If invoked on the wrong directory, the scanner may read and report on Python source files the user did not intend to scan.

Why it was flagged

The skill runs a local Python scanner with a user-supplied path argument. This is central to the stated scanning purpose, but users should be aware it can inspect local files in the selected directory.

Skill content

execution:
      command: python3 {{SKILL_DIR}}/scanner.py "{{path}}"

Recommendation

Use the tool only on skill directories or other code folders you intentionally want reviewed.