Glin Profanity

AdvisoryAudited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence

ASI04: Agentic Supply Chain Vulnerabilities

What this means

Installing the wrong or compromised package could run untrusted third-party code in the user's development environment.

Why it was flagged

The skill directs users to install external packages without version pinning. This is purpose-aligned for a library skill, but users should verify the package identity and provenance.

Skill content

npm install glin-profanity

# Python
pip install glin-profanity

Recommendation

Verify the npm/PyPI package and GitHub project, pin known-good versions, and use standard dependency scanning before adding it to an application.

NoteHigh Confidence

ASI02: Tool Misuse and Exploitation

What this means

If copied directly into a live chat or comment system, legitimate messages could be removed and users could be warned automatically.

Why it was flagged

The example shows automated moderation actions based on detector output. This fits the stated purpose, but deletion and user warnings can have real impact if false positives occur.

Skill content

if (filter.isProfane(msg.text)) {
    deleteMessage(msg);
    warnUser(msg.author);
  }

Recommendation

Use clear moderation policies, logging, thresholds, and human review or appeal paths for high-impact moderation actions.