Skill v1.9.72

ClawScan security

Wip License Guard · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 9:25 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary

The skill's code, CLI, and install steps are coherent with a repo license-checker; no code paths suggest exfiltration or unrelated credential access, though there are a few small provenance and scope notes you should review before installing.
Guidance

This skill appears to do what it claims: audit and (optionally) auto-fix license, README, and CLA files and to block commits/pushes when configured. Before installing:

1) Review the npm package source (repository URL in package.json) and confirm the publisher is trusted; there is no homepage in the skill metadata and the package version in package.json differs from the registry metadata, so verify you are installing the intended release.
2) Run readme-license and check/--dry-run modes first to see what would change; avoid running --fix on critical repos without review.
3) Be aware the hook can block commits/pushes; if you rely on automated workflows, test in a sandbox.
4) Inspect the generated CLA text (it contains a broad license grant to "WIP Computer, Inc.") to ensure the legal terms are acceptable for your contributors.
5) If you use shared template directories, note the tool will search parent directories and an optional WIP_TEMPLATES_DIR env var; verify that any templates it may pick up are trusted.

Review Dimensions

Purpose & Capability
ok: Name/description, required binaries (node, git), npm install of @wipcomputer/wip-license-guard, and the included CLI/hook code align with a tool that audits and repairs LICENSE, README license sections, and CLA files. The package provides the declared wip-license-guard binary and the source files implement the described functionality.
Instruction Scope
note: Runtime instructions and code operate on repository files (README, LICENSE, CLA, tools/*) and include an option to auto-fix (write files). The hook listens to PreToolUse events and can block git commit/push. Code walks up parent directories (up to 10 or 20 levels) to find templates and .git roots — this means running the tool in a nested path may read templates or find repositories outside the immediate folder. That behavior is explainable for template discovery but may be surprising; use dry-run first.
Install Mechanism
ok: Install uses an npm package name (@wipcomputer/wip-license-guard), which is an expected delivery mechanism for a node CLI. This is a moderate-risk install vector in general (npm packages execute code on install/run) but appropriate for the stated purpose. There are no downloads from arbitrary URLs or extract steps in the spec.
Credentials
note: Skill declares no required environment variables, but core.mjs references an optional WIP_TEMPLATES_DIR env var for template discovery. That is reasonable as an opt-in template override, but it is an undeclared environment hook you should be aware of. The tool does not request or access cloud credentials or other secrets.
Persistence & Privilege
ok: always:false and user-invocable:true. The package includes a PreToolUse hook (via package.json metadata and guard.mjs) that can deny git commits/pushes when compliance fails — this is consistent with the tool's purpose. The skill does write files when run with --fix or init --from-standard, which is expected behavior for an auto-fixer.