Ping Beads
PassAudited by ClawScan on May 1, 2026.
Overview
This is a narrow local health-check skill with no credentials, install script, or code, though its documented command is not clearly declared as a required binary.
This skill looks safe for its stated purpose of checking a local daemon. The main thing to verify is that the `ping-beads` command exists and comes from the trusted beads system, since the metadata only declares `bd` as required.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill appears low-risk, but it may fail or run an unexpected local executable if `ping-beads` is not the trusted command the user intended.
The skill declares `bd` as the required binary but documents running `ping-beads`; because no code or install spec is provided, the actual source of that command is not explained in the artifacts.
requires": { "bins": ["bd"] } ... # Check if the bead daemon is alive ... ping-beadsBefore using it, confirm that `ping-beads` is an expected, trusted command from the beads system, or update the skill metadata to declare the correct required binary.