Skill Deps Doctor
Review. Audited by ClawScan on May 10, 2026.
Overview
The dependency-checking purpose is legitimate, but the fallback wrapper can import and run Python code from the current folder, which is risky on untrusted projects.
Install only from a trusted source, prefer the normal skill-deps-doctor binary over the fallback wrapper in untrusted directories, use --no-plugins unless plugins are trusted, restrict recursive scans to intended paths, and review generated fix scripts before executing them.
Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

1. If the skill is run from a directory controlled by someone else, a matching local package could run code with the user's privileges.

The wrapper prepends a directory from the current working directory to Python's import path if it contains a skill_deps_doctor package, then imports and runs that package's CLI. This supports development layouts, but it can also let an untrusted project folder hijack the import and execute local Python code.

Evidence (from the wrapper):

    for candidate in (HERE.parents[3], HERE.parents[2], Path.cwd()):
        ...
        sys.path.insert(0, str(candidate))
    ...
    from skill_deps_doctor.cli import main

Prefer the installed skill-deps-doctor binary or a vendored package, run the wrapper only from trusted directories, and remove or guard the Path.cwd() import fallback.

2. The reviewed files are only a wrapper and documentation; actual runtime behavior also depends on the installed package and any enabled plugins.

The skill relies on an external PyPI package and advertises third-party plugin checkers. This is disclosed and aligned with the dependency-doctor purpose, but the provided artifacts do not include the full package or plugin code.

Evidence (from the install spec and SKILL.md):

    pip install skill-deps-doctor
    ...
    Plugin system — third-party checkers via Python entry points

Install from a trusted, pinned version, review the package source when possible, and use --no-plugins unless third-party plugins are needed and trusted.

3. Broad scans may inspect more of a workspace than intended, and a generated fix script could alter the system if the user executes it without review.

The skill can recursively inspect project directories, run probes, and generate a fix script. These are expected for a dependency diagnostic tool, but they should remain user-directed and reviewed.

Evidence (documented usage):

    skill-deps-doctor --skills-dir ./skills --check-dir ./monorepo --recursive ... --probe ... --fix > fix.sh

Limit scans to intended directories, use probes only when needed, and inspect any generated fix.sh before running it.
