Code Snippet
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a simple local code-snippet manager that stores snippets in a hidden file in the user’s home directory, with no evidence of hidden network, credential, or destructive behavior.
This skill looks safe for normal local snippet management. Before installing, be aware that saved snippets are stored in ~/.code_snippets.json and can be retrieved later, so avoid saving secrets or credentials.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Any code snippets the user saves remain on disk and may be displayed or copied later by this tool.
The skill stores user-provided code snippets in a persistent local JSON file so they can be searched and retrieved later.
DATA_FILE = os.path.expanduser("~/.code_snippets.json")Do not save passwords, API keys, private credentials, or sensitive proprietary code unless local persistence in this file is acceptable.