ClawHub

Data Source Audit

v2.1.0

Comprehensive audit of all construction data sources and systems. Map data flows, identify silos, assess quality, and create integration roadmap.

0· 1.8k·8 current·9 all-time
by@datadrivenconstruction
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (data source audit) match the declared needs: SKILL.md includes Python code examples for parsing CSV/Excel/JSON and mapping flows, and claw.json grants filesystem permission so the skill can read user files. Requiring python3 and filesystem access is proportionate for local data processing.
Instruction Scope
Runtime instructions limit work to data provided by the user and reference the code in SKILL.md for processing. There are no instructions to access unrelated system paths, environment variables, or hardcoded external endpoints; the skill is instruction-only and does not itself include commands that exfiltrate data.
Install Mechanism
There is no install spec and no code files to download or execute beyond the Python examples embedded in SKILL.md. This minimizes the risk of arbitrary remote code install.
Credentials
The skill requests no environment variables or credentials. That is appropriate for an audit that operates on user‑supplied files; it does not ask for unrelated secrets (AWS keys, database passwords) in its metadata.
Persistence & Privilege
always is false and model invocation is standard. The only elevated capability is filesystem permission in claw.json, which is reasonable for a file‑processing audit skill and is consistent with the described behavior.
Assessment
This skill appears internally consistent for performing audits on construction data you provide. Before using it: (1) confirm you trust the skill source (homepage is provided but package owner is not verified); (2) avoid supplying production credentials unless strictly necessary — if you do provide API/database credentials, treat them as sensitive; (3) run any suggested Python snippets in an isolated environment if you plan to execute code locally; (4) if the agent requests additional files, verify those are intentionally supplied. If you need the skill to connect to live systems, prefer creating read‑only accounts and document exactly what access is granted.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cnv19wg0bxtwfgzm4pcqgk5817esh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔗 Clawdis
OSmacOS · Linux · Windows
Binspython3

Comments