critical
suspicious.dynamic_code_execution
- Location
- scripts/vtl_regen.py:39
- Finding
- Dynamic code execution detected.
VTL Image Analysis
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.dynamic_code_execution
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI05: Unexpected Code ExecutionWhat this means
If the operator file were replaced with untrusted content, the script would evaluate its trigger expressions locally, although the current evaluator is designed to restrict what those expressions can do.
Why it was flagged
The regeneration script dynamically evaluates trigger expressions from the operator configuration. It attempts to constrain execution with an AST allowlist and no builtins, making it purpose-aligned but still worth noticing.
Skill content
return bool(eval(compile(tree, "<trigger>", "eval"), {"__builtins__": {}}, allowed_names))Recommendation
Use the bundled operators.yaml or edits you trust; maintainers could further reduce risk by replacing eval with a small purpose-built expression interpreter.
NoteHigh Confidence
ASI04: Agentic Supply Chain VulnerabilitiesWhat this means
Installing the dependencies manually may fetch whatever versions are current from the Python package index, which can affect reproducibility and supply-chain assurance.
Why it was flagged
The skill documents third-party Python dependencies without version pins, while the provided install specification says there is no formal install spec. These dependencies are expected for image processing, but package provenance and versions are not locked in the supplied artifacts.
Skill content
packages: ["numpy", "opencv-python-headless", "scikit-image", "scipy", "pyyaml"]
Recommendation
Install in an isolated Python environment and prefer pinned, reviewed dependency versions if using this skill in a sensitive environment.