ClawHub
Back to skill
v1.1.0

Validator Agent

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:44 AM.

Analysis

This skill is a coherent pre-deployment validator, but it needs to run local project commands, so use it only on repositories and dependencies you trust.

GuidanceThis appears safe for its stated purpose as an instruction-only validation skill. Before installing or invoking it, be aware that it runs your project’s local build, lint, test, audit, and npx tooling; only use it on repositories you trust, and review scripts/dependencies for unfamiliar projects.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
cd <project> && npm run lint 2>&1 | tail -20 ... cd <project> && npm test 2>&1

The skill instructs the agent to run local npm commands in the selected project. This is expected for validation, but npm scripts can execute project-controlled code.

User impactRunning the validator may execute code from the repository and its dependencies, even though the skill itself does not include code.
RecommendationUse it on trusted projects, review package scripts before running, and avoid pointing it at untrusted repositories.
Unexpected Code Execution
SeverityLowConfidenceHighStatusNote
SKILL.md
cd <project> && npx tsc --noEmit 2>&1 ... cd <project> && npx type-coverage 2>&1 || echo "type-coverage not installed — skip"

The documented validation flow uses npx-based tooling. That is normal for TypeScript validation, but npx/npm tooling may execute locally installed or fetched package code depending on the environment.

User impactA validation run can execute package tooling in the local environment, which may have side effects if the project or package source is untrusted.
RecommendationPrefer projects with pinned dependencies and installed, reviewed tooling; run in a controlled workspace when validating unfamiliar code.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceMediumStatusNote
skill.json
"version": "1.0.0"

The registry metadata reports version 1.1.0, while the included skill.json reports version 1.0.0. This is a minor provenance/coherence mismatch rather than evidence of harmful behavior.

User impactUsers may be unsure which version of the skill metadata they are reviewing or installing.
RecommendationVerify the published package/version details if version provenance matters for your workflow.