Skill v1.0.0

ClawScan security

Json Modifier · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 15, 2026, 8:36 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is a small, self-contained Node.js CLI that applies RFC 6902 JSON patches to files; its files, dependencies, and runtime behavior are consistent with that purpose.
Guidance
This skill appears to be what it claims: a safe JSON-patch CLI. Before installing or running it:
1) Verify the file path you or the agent will call (SKILL.md path examples differ from the package layout) so the agent executes the correct script.
2) Run the included test locally (npm install then npm test) in a safe directory to confirm behavior.
3) Be cautious about which files you allow the agent to modify—the tool will overwrite files (atomic rename is used, but data loss can occur if patches are incorrect).
4) Review/lock dependencies if you require stricter supply-chain controls (it uses fast-json-patch from npm).
5) Note tests use child_process.execSync to invoke the CLI locally—that's normal for testing but confirms the package executes local commands.

Review Dimensions

Purpose & Capability
note: Name and description match the included code: index.js implements a CLI that reads a JSON file and an RFC 6902 patch and writes the result. Minor documentation mismatch: SKILL.md examples reference 'node skills/json-modifier/index.js' while the repo provides index.js at the package root; this is likely a path/documentation inconsistency rather than malicious.
Instruction Scope
ok: SKILL.md only documents CLI usage for applying patches. The code only reads the specified target file/patch file, validates and applies the patch, and performs an atomic write. It does not read other files, environment variables, or network endpoints.
Install Mechanism
ok: No install spec is provided; this is instruction-plus-code. The only dependency is fast-json-patch from the public npm registry (package-lock.json points to registry.npmjs.org). There are no arbitrary downloads, extract steps, or unusual install actions.
Credentials
ok: No environment variables, credentials, or config paths are requested or used. The skill's requested privileges are minimal and aligned with editing local files.
Persistence & Privilege
ok: 'always' is false and the skill does not request persistent system-wide privileges. It does not modify other skills or global agent config.