Fluid Network Solver
v1.0.0Solve and analyze steady incompressible fluid networks from TOML definitions. Use when users ask to design a network template, validate TOML topology data, c...
⭐ 0· 80·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the included code: TOML parsing, scenario overrides, numerical solver (scipy fallback), analysis, and report generation. Declared requirements (none) and the listed requirements.txt (scipy, networkx, tomli) are proportional to a numerical solver and topology analysis.
Instruction Scope
SKILL.md instructs running the included CLI script which legitimately needs to read a TOML input and optionally read a report template and write report/JSON outputs. Be aware the CLI accepts arbitrary filesystem paths for the input TOML, report template, and output files, and the code will read and write those paths (Path.resolve(), read_text(), write_text()). This is expected for a CLI tool but means the agent/script can read any file the runtime user has access to and can overwrite files at paths you supply.
Install Mechanism
No install spec is provided (the skill bundle contains Python source). There are no downloads or external installers. The requirements.txt lists common numeric libraries (scipy, networkx, tomli) appropriate for the solver; pulling those via pip is expected for correct execution.
Credentials
The skill does not request environment variables, credentials, or configuration paths. The code does not access environment secrets or network endpoints. Required libraries are proportional to the stated functionality.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills or global agent configuration. It writes files only to paths provided by the user or defaults under the skill assets, which is normal for a CLI tool.
Scan Findings in Context
[no_findings] expected: Static pre-scan reported no injection signals. This aligns with the code being local, readable, and not performing network I/O or subprocess execution.
Assessment
This skill appears to do exactly what it claims: parse a TOML network, run a numerical solver, analyze connectivity, and render reports. Things to consider before installing or running:
- Local file access: the CLI reads any TOML you point it to and can read an arbitrary report template path; it also writes report and JSON files to any paths you specify. Only run it with input/output paths you trust and avoid pointing it at sensitive files you don't want read or overwritten.
- Dependencies: the solver relies on scipy and networkx; installing/running may require adding these Python packages into the runtime environment. If you run in a managed environment without those packages, execution will fall back to built-in routines where provided, but numerical behavior may differ.
- No network exfiltration: there are no HTTP/network calls or credential requirements in the code, and it does not read environment secrets. The main risk surface is local file I/O and the usual hazards of running third-party code locally.
If you want higher assurance, inspect the full source locally (which is included here) or run the skill in an isolated environment (container or sandbox) before using it on sensitive data.Like a lobster shell, security has layers — review code before you run it.
engineeringvk97fck0gtx88jws2ex35vyq0zx839xqqfluid-dynamicsvk97fck0gtx88jws2ex35vyq0zx839xqqlatestvk97fck0gtx88jws2ex35vyq0zx839xqqphysicsvk97fck0gtx88jws2ex35vyq0zx839xqqsimulationvk97fck0gtx88jws2ex35vyq0zx839xqqsolvervk97fck0gtx88jws2ex35vyq0zx839xqq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.