cro_skill
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI04: Agentic Supply Chain VulnerabilitiesWhat this means
You have less external context for who maintains the skill or where updates come from.
Why it was flagged
The package does not provide a source repository or homepage, which limits provenance verification even though the included code is simple and the static scan is clean.
Skill content
Source: unknown; Homepage: none
Recommendation
Review the included source before installing and prefer packages with clear source and maintainer information for production use.