Pulse App Skill
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is an instruction-only Pulse App developer guide with expected local development commands and no evidence of hidden code, credential use, persistence, or data exfiltration.
This appears safe to install as a developer reference skill. Before asking an agent to run the shown Pulse or npm commands, confirm the target directory and review any generated app code, package scripts, and exposed app actions.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If followed, the agent or user may create files and run local development/build scripts in the chosen project environment.
The guide tells developers to run local CLI/npm commands to scaffold, run, preview, build, and create Pulse App skills. This is central to the stated developer-guide purpose, but it still means local project tooling may execute.
pulse create; npm run dev; npm run preview; npm run build; pulse skill create
Run the commands only in an intended project directory and review generated files and package scripts before further use.