Clawdex by Koi
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Koi’s Clawdex service may learn which skills you check or have installed, though the artifacts do not show credentials or file contents being sent.
The documented audit workflow sends local installed skill names to an external Clawdex API. This is aligned with the skill’s purpose, but users should notice the third-party data flow.
for skill in $(ls ~/.clawdbot/skills/); do ... curl -s "https://clawdex.koi.security/api/skill/$skill"
Use the lookup with awareness of the external data flow, and avoid sending private or internal skill names if that information is sensitive.
A stale or incorrect external verdict could cause a user or agent to trust a skill more than warranted.
The wording presents a benign API verdict as sufficient to proceed with installation. This is coherent for a security-check tool, but users should avoid treating one third-party verdict as an absolute guarantee.
The skill has been audited and no malicious behavior was found. You can proceed with installation:
Treat Clawdex as one security signal, and still review permissions, source, and behavior before installing important or unfamiliar skills.
