Wifi Qr
PassAudited by ClawScan on May 1, 2026.
Overview
This skill has a narrow, disclosed purpose of making Wi-Fi QR codes, with no evidence of exfiltration or persistence, but the Wi-Fi password and unresolved helper command deserve care.
Before installing or using this skill, make sure qrencode comes from your trusted package manager and verify what the wifi-qr command refers to on your system. Treat the generated QR code as equivalent to the Wi-Fi password: share it only with intended people and avoid exposing it in terminal history or public files.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who sees the generated QR code or exposed password could potentially join the Wi-Fi network.
The skill is explicitly designed to handle a Wi-Fi password and encode it into a QR code; this is purpose-aligned but sensitive.
Generate a QR code for Wi-Fi credentials... wifi-qr "MyNetwork" "mypassword"
Use this only on trusted devices, do not share the QR code publicly, and avoid entering real Wi-Fi passwords in shared terminals or logs.
If a local wifi-qr command exists from another source, the user could accidentally run code outside the reviewed artifact set.
The provided artifacts declare only qrencode and include no implementation files, while the SKILL.md examples invoke a wifi-qr command. This is not malicious evidence, but users should verify what command is actually being run.
No code files present — this is an instruction-only skill; Required binaries (all must exist): qrencode
Confirm the origin of any wifi-qr command before using it, or generate the QR directly with a trusted qrencode command.