Skill v1.9.72
ClawScan security
Wip License Hook · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 9:25 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The package and SKILL.md are internally consistent with a license-rug-pull detection tool: required binaries, install method, CLI, hooks, and scanner behavior align with the described purpose and there are no requested secrets or remote install URLs that contradict the stated functionality.
- Guidance
- This skill appears coherent for license-rug-pull detection, but review and consider the following before installing:
  1) It writes LICENSE-LEDGER.json and creates ledger/snapshots/ and dashboard/ files in your repository, and optionally installs git hooks that run on pull/push; make sure you want these side effects.
  2) The tool runs shell commands (git fetch/show, npm view, pip show, cargo commands) and may contact package registries unless used with --offline; run it from a trusted environment and avoid scanning repos with sensitive data you don't want touched.
  3) The MCP server handler in the package shows some API shape inconsistencies (gate/scan function signatures vs. the MCP handlers). This looks like an implementation bug rather than malicious code, but audit mcp-server.mjs if you plan to expose it.
  4) Because this is an npm-distributed CLI, prefer installing locally (repo-level) or auditing the package contents before installing globally; consider running it first in an isolated container/VM to confirm behavior.
  If you need higher assurance, review package.json, mcp-server.mjs and the dist/ JS files for any modifications to network endpoints or unexpected I/O before use.
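The pre-install audit the guidance asks for (list the package contents, surface any install-time scripts, and find every network endpoint or process spawn in the shipped JS) can be scripted against the tarball that `npm pack` writes. The script below is an added example, not code from the Wip License Hook package or from ClawHub's scanner; the tarball it audits is a constructed stand-in built by `make_sample_tarball` so the script runs offline, and the match list is an assumption about what is worth reading in context, not a list of known-bad strings.

```shell
#!/bin/sh
# Added example (not part of the Wip License Hook skill or ClawHub's scanner):
# audit an npm tarball before installing it. In practice TARBALL is whatever
# `npm pack <package>` wrote; make_sample_tarball below builds a constructed
# stand-in so the script runs offline.

# Extract TARBALL into a fresh temp dir and print that dir. npm tarballs unpack
# to a top-level package/ directory.
unpack_tarball() {
    work=$(mktemp -d) || return 2
    tar -xzf "$1" -C "$work" || { rm -rf "$work"; return 2; }
    printf '%s\n' "$work"
}

# Print every line in the package that calls out to the network or spawns a
# process, as file:line:text. A license scanner legitimately shells out to git,
# npm, pip and cargo, so the point is to read each call in context and confirm
# the endpoints are the expected registries, not to treat any hit as malicious.
tarball_hits() {
    work=$(unpack_tarball "$1") || return 2
    (cd "$work" && grep -rnF \
        -e 'http://' -e 'https://' -e 'child_process' -e 'execSync' \
        -e 'spawn' -e 'fetch(' -e 'eval(' -e 'new Function' package) || true
    rm -rf "$work"
}

# Print the lifecycle scripts npm runs automatically on install
# (preinstall/install/postinstall); an empty result is what you want to see.
tarball_install_scripts() {
    work=$(unpack_tarball "$1") || return 2
    grep -nE '"(pre|post)?install"' "$work/package/package.json" || true
    rm -rf "$work"
}

# Number of lines tarball_hits prints, so a pipeline can gate on it.
tarball_hit_count() {
    hits=$(tarball_hits "$1")
    if [ -z "$hits" ]; then echo 0; else echo $(( $(printf '%s\n' "$hits" | wc -l) )); fi
}

# Full report: file list (what lands in node_modules), install scripts, hits.
audit_tarball() {
    work=$(unpack_tarball "$1") || return 2
    echo "== files =="; (cd "$work" && find package -type f | sort)
    rm -rf "$work"
    echo "== install scripts =="; tarball_install_scripts "$1"
    echo "== network / process hits =="; tarball_hits "$1"
    echo "hits=$(tarball_hit_count "$1")"
}

# Constructed sample: a two-file package with a postinstall script and a
# hard-coded registry URL, so the audit has something to find. Prints the path.
make_sample_tarball() {
    dir=$(mktemp -d) || return 2
    mkdir -p "$dir/package/dist"
    cat > "$dir/package/package.json" <<'EOF'
{ "name": "sample-hook", "version": "0.0.1",
  "scripts": { "postinstall": "node dist/setup.js" } }
EOF
    cat > "$dir/package/dist/setup.js" <<'EOF'
const { execSync } = require('child_process');
const registry = 'https://registry.npmjs.org/';
execSync('git fetch --all');
EOF
    (cd "$dir" && tar -czf sample-hook-0.0.1.tgz package)
    printf '%s/sample-hook-0.0.1.tgz\n' "$dir"
}

audit_tarball "$(make_sample_tarball)"
```

For the real package, replace the sample with `npm pack @wipcomputer/wip-license-hook` and run `audit_tarball` on the resulting .tgz; the hit list is where to start reading mcp-server.mjs and the dist/ files, and a non-empty install-scripts section is a reason to unpack and read before any global install.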
Review Dimensions
- Purpose & Capability
- ok · The name/description (license rug-pull detection) aligns with the requested binaries (node, npm, git), the npm install spec (@wipcomputer/wip-license-hook), the CLI commands, and the code that scans package managers and upstream git remotes. Nothing in the manifest requests unrelated credentials or platform access.
- Instruction Scope
- note · SKILL.md and the CLI/hook scripts instruct the agent to read repository files, run git fetch/show, inspect package files, call npm/pip/cargo commands, and write a LICENSE-LEDGER.json and archived snapshots into the repo, all expected for this tool. Note: it will install git hooks into .git/hooks and may make network calls (npm view, pip show, git fetch) unless run with --offline.
- Install Mechanism
- ok · Install is an npm package (@wipcomputer/wip-license-hook), the expected distribution for a Node CLI. This is moderate-risk by nature (registry package install) but proportional to the skill's functionality; no remote arbitrary URL downloads or extract-from-unknown-host operations are present.
- Credentials
- ok · The skill declares no required environment variables or credentials and does not attempt to access unrelated system config paths. It does execute shell commands (git, npm, pip, cargo) against repos and registries, consistent with scanning license metadata, but does not request API tokens or secrets.
- Persistence & Privilege
- note · always: false (no forced inclusion). The skill writes ledger files and snapshot files into the repository and can install git hooks, expected behavior for a hook tool. Installing hooks grants it ongoing execution on git operations within that repo (pre-pull/pre-push), which is intended but worth noting before adding to important repos.
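Because the hooks are what give the skill ongoing execution in the repository, it is worth taking an inventory of .git/hooks before and after installing it. The script below is an added example and not part of the skill or of ClawHub: it lists the hooks git would actually run (executable, not *.sample), shows which lines of a hook reach outside the repository, and fingerprints each hook so a later diff shows what the installer added. The repository and the pre-push hook built by `make_sample_repo` are constructed, and the `npx example-license-scanner` command in that hook is made up to stand in for whatever a real hook installer writes.

```shell
#!/bin/sh
# Added example, not part of the Wip License Hook skill or of ClawHub: inventory
# the hooks in a repository's .git/hooks before and after installing a hook-based
# tool, so its ongoing execution on git operations is visible. The repository and
# the pre-push hook built by make_sample_repo are constructed for illustration.

# One line per hook git would consider: "<name> <executable|not-executable> <interpreter>".
# Git ignores *.sample files entirely (skipped here) and hooks without the
# executable bit (reported as not-executable rather than hidden).
list_active_hooks() {
    hooks=$1/.git/hooks
    [ -d "$hooks" ] || return 0
    for f in "$hooks"/*; do
        [ -f "$f" ] || continue
        case $f in *.sample) continue ;; esac
        if [ -x "$f" ]; then mode=executable; else mode=not-executable; fi
        shebang=$(head -n 1 "$f" | sed -n 's/^#!//p')
        printf '%s %s %s\n' "$(basename "$f")" "$mode" "${shebang:--}"
    done
}

# Lines in HOOK that reach outside the repository or run a package manager;
# the pattern list is an assumption about what is worth reading, not a blocklist.
hook_external_calls() {
    grep -nE 'curl|wget|npm |npx |pip |cargo |git fetch|git push' "$1" || true
}

# "<name> <cksum>" per hook file; save the output before installing the tool
# and diff it afterwards to see exactly which hooks were added or rewritten.
hook_fingerprints() {
    hooks=$1/.git/hooks
    [ -d "$hooks" ] || return 0
    for f in "$hooks"/*; do
        [ -f "$f" ] || continue
        case $f in *.sample) continue ;; esac
        printf '%s %s\n' "$(basename "$f")" "$(cksum < "$f" | cut -d' ' -f1)"
    done
}

# Constructed repository: one .sample hook git ignores, one stale hook without
# the executable bit, and an executable pre-push hook that calls a scanner
# through npx (a made-up command standing in for whatever the tool installs).
make_sample_repo() {
    repo=$(mktemp -d) || return 2
    mkdir -p "$repo/.git/hooks"
    printf '#!/bin/sh\necho sample\n' > "$repo/.git/hooks/pre-commit.sample"
    printf 'echo stale\n' > "$repo/.git/hooks/post-merge"
    printf '#!/bin/sh\nnpx example-license-scanner scan --offline\n' > "$repo/.git/hooks/pre-push"
    chmod +x "$repo/.git/hooks/pre-push"
    printf '%s\n' "$repo"
}

repo=$(make_sample_repo)
echo "== active hooks =="; list_active_hooks "$repo"
echo "== pre-push external calls =="; hook_external_calls "$repo/.git/hooks/pre-push"
echo "== fingerprints =="; hook_fingerprints "$repo"
```

Run `hook_fingerprints` on the real repository before installing the skill, again afterwards, and read every hook whose line changed; `hook_external_calls` on those files shows whether the hook stays inside the repo or contacts a registry on each pull or push.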
