Skill v0.2.0
ClawScan security
Json Render Table · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 16, 2026, 1:46 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, file templates, and requirements are coherent with its stated purpose (rendering JSON-defined tables to PNG using json-render-cli); it requests no credentials and does not attempt unrelated access, though it instructs installing npm/playwright artifacts which download code and binaries from the network.
- Guidance: This skill is coherent with its stated purpose, but before installing or running it consider: (1) It may run `npm i -g json-render-cli` and `npx playwright install chromium`, which download and install code and a browser binary — run these in a controlled environment (container, VM, or CI runner) if you have security concerns. (2) Prefer local installs (npm --prefix ./node_modules or using a project-level install) instead of global -g to avoid modifying host state. (3) Verify the reputation/source of the json-render-cli npm package if you plan to install it. (4) Ensure SPEC_PATH is pointed only at trusted template files (don’t point it at arbitrary sensitive files), and be mindful of where OUT_PATH writes images (avoid exposing sensitive data). (5) Confirm the execution environment has python3/node and sufficient disk/network access; consider pre-installing dependencies centrally if you manage many agents.
Review Dimensions
- Purpose & Capability (ok): The name/description match the actual behavior: everything in SKILL.md is about building a JSON message and invoking json-render-cli (and optionally installing it). No unrelated credentials, unusual binaries, or external services are requested that would be inconsistent with table rendering.
- Instruction Scope (note): Instructions stay within rendering scope (build JSON in-memory, run json-render-cli, tune viewport). They do instruct installing packages and downloading Chromium when missing, and they read a SPEC_PATH template file from a set of candidate locations; this is expected but has side effects (network downloads, filesystem reads). The skill does not instruct collecting secrets or reading unrelated system config.
- Install Mechanism (note): There is no packaged install spec; runtime instructions advise 'npm i -g json-render-cli' and 'npx playwright install chromium'. Using npm and Playwright is reasonable for this task but implies downloading code/binaries from public registries/CDNs (moderate risk). Consider preferring a local or preinstalled dependency to avoid global installs on a host.
- Credentials (ok): The skill declares no required env vars or credentials. SKILL.md uses non-secret environment variables (ID, PRIORITY, etc.) for rendering. It does probe candidate paths for the included SPEC_PATH template, which is proportional to locating its own reference files.
- Persistence & Privilege (ok): The skill does not request persistent 'always' inclusion or elevated platform privileges. The only persistent side-effect the instructions may produce is installing a global npm package or downloaded Chromium binary — this affects the host but is not a platform privilege escalation for the skill itself.
