ClawHub

Local Coding

PassAudited by ClawScan on May 10, 2026.

Overview

The skill coherently documents a local coding-model router, with routine review items around installing an external Python package and routing or logging code prompts on local devices.

This looks like a coherent local coding assistant, not a malicious skill. Before installing, verify the ollama-herd package source, use it only on trusted devices/networks, and remember that prompts or code snippets may be stored in local logs or request traces.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low
#ASI04: Agentic Supply Chain Vulnerabilities
What this means

Installing the package gives that external project code execution on the user's machine.

Why it was flagged

The skill relies on a user-installed external PyPI package that is not included in the scanned artifacts. This is normal for the stated purpose, but the package provenance and code were not reviewed here.

Skill content
pip install ollama-herd    # PyPI: https://pypi.org/project/ollama-herd/
Recommendation

Review the PyPI/GitHub project, pin a trusted version if possible, and install it in an isolated environment if handling sensitive code.

Low
#ASI07: Insecure Inter-Agent Communication
What this means

Code prompts may be processed by other devices on the user's fleet or local network.

Why it was flagged

The skill is designed to route coding requests across a local device fleet. That is purpose-aligned, but the artifact does not detail device identity, authentication, or network access controls.

Skill content
herd-node                  # run on each device — finds the router automatically
Recommendation

Use only on trusted networks and trusted devices, and check the ollama-herd documentation for authentication, binding, and firewall guidance.

Low
#ASI06: Memory and Context Poisoning
What this means

Sensitive code snippets or request history could be stored locally in fleet-manager logs or traces.

Why it was flagged

The skill discloses local persistence for fleet data and logs, and also documents recent request traces. Coding prompts or trace metadata may remain on disk.

Skill content
configPaths":["~/.fleet-manager/latency.db","~/.fleet-manager/logs/herd.jsonl"]
Recommendation

Avoid sending secrets in prompts, review local retention settings, and protect or periodically clean logs if they contain sensitive code.