zeh-local-inspector

AdvisoryAudited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence

ASI05: Unexpected Code Execution

What this means

The agent may run a local script and return your current folder path plus up to ten file or folder names.

Why it was flagged

The skill asks the agent to execute a bundled local Python script. This is disclosed and purpose-aligned; the provided script only reads the current directory path and top-level entries.

Skill content

When inspection is needed, run:

python scripts/inspect_cwd.py

Recommendation

Use it only in directories where sharing the path and top-level names is acceptable, and review any future script changes before installing updates.