v1.0.0

api-versioning

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:31 AM.

Analysis

This appears to be a benign documentation-only API versioning guide, with a minor supply-chain caution if you use its unpinned GitHub/npx install example.

GuidanceThis skill is primarily API design documentation and appears safe to use as guidance. If installing manually, verify the GitHub source first and avoid running npx commands from untrusted or unpinned locations.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

README.md

npx add https://github.com/wpank/ai/tree/main/skills/api/api-versioning

The installation example is user-directed, but it references a moving GitHub branch through npx rather than a pinned release or registry source.

User impactIf you run the install command, you are trusting whatever is currently at that GitHub path.

RecommendationInstall only from a trusted source, prefer pinned versions or reviewed registry artifacts, and inspect the repository before running npx commands.