Csp
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears to be a simple CSP reference helper that only prints static guidance and does not access credentials, files, networks, or persistent state.
This looks safe for ordinary reference use. Before installing, be aware that it provides a local bash script for the agent to run, but the provided script only outputs static guidance and does not request credentials or perform system changes.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing it allows the agent to run this included shell script for reference output, but the supplied script does not show file, network, credential, or system-changing behavior.
The skill's documented interface invokes an included local shell script. This is expected for a CLI-style reference helper, and the reviewed script only prints static reference text.
scripts/script.sh intro
Review the script if desired and invoke only the documented commands; no special credentials or broad permissions are indicated.