CAD Editor
AdvisoryAudited by Static analysis on May 1, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A faulty or unexpectedly generated script could affect local files or the Python environment, even though the provided artifacts show intended CAD output behavior.
The skill's disclosed workflow executes generated Python to create CAD output. This is central to the stated purpose, but it runs with the local Python process's permissions rather than an explicit sandbox.
script_code = gen.generate(intent, params) ... exec(script_code)
Run the skill in a project workspace or virtual environment, keep output paths explicit, and review generated scripts if they contain unusual imports, file operations, shell calls, or network access.
Different package versions may change behavior or introduce dependency risk in the user's Python environment.
The skill asks users to install required CAD/rendering dependencies without pinning versions. The packages are purpose-aligned, but unpinned installs can change over time.
安装命令:`pip install ezdxf matplotlib numpy`
Install dependencies in a virtual environment and pin known-good versions if the skill will be used for repeatable or production workflows.