Skill v0.1.2
ClawScan security
slopcheck · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 11, 2026, 1:01 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only README for a tool that validates npm package names referenced in docs. It asks for no credentials or installs, and its described behavior matches the stated purpose, though it references running an external npx package (which you should not execute blindly).
- Guidance: This skill is essentially a README for a CLI that checks whether package names referenced in docs exist on npm; it is internally consistent and does not ask for secrets. Two practical cautions: (1) the SKILL.md demonstrates running `npx slopcheck`; `npx` fetches and executes code from the npm registry at run time, so only run it if you trust or have inspected that package (prefer installing a vetted local copy or reviewing the GitHub source linked in the doc; `npm pack slopcheck` downloads the tarball without executing it so the contents can be inspected first). (2) slopcheck intentionally does not scan package.json or lockfiles, so do not rely on it as your only supply-chain check. If you want fully automated enforcement inside agents, ask for a bundled implementation or explicit install instructions so you can audit the code before execution.
Review Dimensions
- Purpose & Capability: ok. The name, description, and runtime instructions consistently describe scanning markdown/YAML/JSON/.cursorrules files for npm install/npx/pnpm/yarn/bun commands and checking package existence against the npm registry. Nothing requested (no env vars, no config paths) is unrelated to that purpose.
- Instruction Scope: ok. SKILL.md keeps scope narrowly to extracting package names from the listed file types and querying the npm registry. It explicitly excludes package.json/lock files and lists directories to skip. The instructions do not ask the agent to read unrelated credentials or system state.
- Install Mechanism: note. This is instruction-only (no install spec, no code). The doc repeatedly shows usage via `npx slopcheck`, which downloads and executes a package from npm at run time. That is a real risk if you run it locally, but it is a user execution concern rather than hidden behavior of the skill bundle itself. The lack of a bundled implementation is a minor inconsistency (a README for a tool with no shipped code here).
- Credentials: ok. No environment variables, credentials, or config paths are requested. That is proportionate for a read-only registry-checking tool that runs against local files and the public npm registry.
- Persistence & Privilege: ok. `always` is false and autonomous invocation is allowed (the platform default). The skill does not request persistent presence, nor does it claim to modify other skills or system config.
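As an added example (not slopcheck's own code, which is not bundled with this skill), the JavaScript below implements the behavior the dimensions above describe: filter files to the scanned types while skipping package.json, lockfiles and excluded directories, pull package names out of npm/npx/pnpm/yarn/bun commands in documentation text, and ask a registry lookup whether each name exists. The recognised command forms, the skip lists, the sample README fragment and the offline registry stub are all assumptions made for this example; in real use the lookup would be an HTTP GET to https://registry.npmjs.org/<name>, where a 404 means the package is unpublished.

```javascript
// Added example, not slopcheck's own code. Pure functions, no network:
// the registry lookup is injected so the demo runs offline.

// Assumed file-type filter: scan docs/config, never manifests or lockfiles.
const SCAN_EXTENSIONS = new Set(['.md', '.mdx', '.yml', '.yaml', '.json', '.cursorrules']);
const SKIP_FILES = new Set([
  'package.json', 'package-lock.json', 'npm-shrinkwrap.json',
  'pnpm-lock.yaml', 'yarn.lock', 'bun.lock', 'bun.lockb',
]);
const SKIP_DIRS = new Set(['node_modules', '.git', 'dist', 'build']);

function shouldScan(filePath) {
  const parts = filePath.split('/');
  const base = parts[parts.length - 1];
  if (parts.slice(0, -1).some((dir) => SKIP_DIRS.has(dir))) return false;
  if (SKIP_FILES.has(base)) return false;
  if (base === '.cursorrules') return true;
  const dot = base.lastIndexOf('.');
  return dot > 0 && SCAN_EXTENSIONS.has(base.slice(dot));
}

// Assumed set of install/exec command forms. Group 1 is the runner keyword,
// group 2 the rest of the command up to a newline, quote, backtick or shell
// operator. Only spaces/tabs separate tokens, so a bare "npm install" on its
// own line never swallows the next line.
const COMMAND_RE = /\b(npm[ \t]+(?:install|i|add)|npx|pnpm[ \t]+(?:add|dlx)|yarn[ \t]+(?:add|dlx)|bunx|bun[ \t]+(?:add|x))[ \t]+([^\n`"'|&;<>]+)/g;

// Exec-style runners take one package; everything after it is arguments
// to the executed binary, not more package names.
const SINGLE_PACKAGE_RUNNERS = /^(?:npx|pnpm[ \t]+dlx|yarn[ \t]+dlx|bunx|bun[ \t]+x)$/;

// Registry name shape: optional @scope/ prefix, lowercase, no leading dot.
const NAME_RE = /^(?:@[a-z0-9][a-z0-9._-]*\/)?[a-z0-9][a-z0-9._-]*$/;

function stripVersion(spec) {
  // "@scope/pkg@1.2.3" -> "@scope/pkg", "pkg@latest" -> "pkg"
  const at = spec.indexOf('@', 1);
  return at === -1 ? spec : spec.slice(0, at);
}

function isRegistrySpec(spec) {
  // Paths, URLs, git refs and tarballs are not registry names; skip them.
  return !/^(?:\.|\/|~|file:|git\+|git:|https?:|ssh:|github:)/.test(spec) && !spec.endsWith('.tgz');
}

function extractPackageNames(text) {
  const names = new Set();
  for (const m of text.matchAll(COMMAND_RE)) {
    const runner = m[1];
    // Flags are dropped; values of flags such as --package are not handled here.
    const tokens = m[2].trim().split(/[ \t]+/).filter((t) => !t.startsWith('-'));
    const candidates = SINGLE_PACKAGE_RUNNERS.test(runner) ? tokens.slice(0, 1) : tokens;
    for (const tok of candidates) {
      if (!isRegistrySpec(tok)) continue;
      const name = stripVersion(tok);
      if (NAME_RE.test(name)) names.add(name);
    }
  }
  return [...names];
}

// lookup(name) -> boolean. Sync here for the offline demo; a real one would
// GET https://registry.npmjs.org/<encodeURIComponent(name)> and treat 404 as false.
function checkPackages(text, lookup) {
  const found = [];
  const missing = [];
  for (const name of extractPackageNames(text)) {
    (lookup(name) ? found : missing).push(name);
  }
  return { found, missing };
}

// Constructed sample README fragment: two plausible names, two made-up ones,
// a local path that must be ignored, and a bare "npm install".
const SAMPLE_DOC = [
  '# Setup',
  '',
  '```bash',
  'npm install -g @example/cli@^2.0.0 lodash',
  'npx -y docs-linter-pro --fix',
  'pnpm add ./local-plugin',
  'npm install',
  '```',
  '',
  'Then run `yarn dlx fake-formatter-3000 src/`.',
].join('\n');

// Constructed offline stand-in for the registry.
const KNOWN = new Set(['@example/cli', 'lodash']);
const offlineLookup = (name) => KNOWN.has(name);

const report = checkPackages(SAMPLE_DOC, offlineLookup);
console.log(report);
```

The report lists `@example/cli` and `lodash` as found and `docs-linter-pro` and `fake-formatter-3000` as missing; the `./local-plugin` path and the argument-less `npm install` produce no names. Because the checker runs against documentation rather than `package.json`, a package that is pinned correctly in the manifest but misspelled in the README still shows up, which is the gap the guidance above says this tool does and does not cover.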
