Gdpr Checker

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user or agent could trust this script as performing real security scanning, hardening, or encryption when the artifact does not show those functions being implemented.

Why it was flagged

The included script claims security scanning and encryption capabilities, but it only prints status text and logs its input. Those capabilities also do not match the GDPR checker purpose.

Skill content

# gdpr-checker - Security scanning and hardening tool ... cmd_scan() { echo "  Scanning for vulnerabilities..." ... } ... cmd_encrypt() { echo "  Encrypting: $1" ... }

Recommendation

Do not rely on the security, hardening, or encryption claims unless the maintainer replaces the stub behavior with real, documented functionality or removes the unrelated script.

What this means

Sensitive text entered into the tool could remain on disk in a local history file even though the main documentation emphasizes stdout output and does not clearly disclose this logging.

Why it was flagged

The script creates persistent local storage and records command arguments to history.log, including values supplied to commands such as hash and encrypt.

Skill content

DATA_DIR="${GDPR_CHECKER_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/gdpr-checker}" ... _log() { echo "$(date '+%m-%d %H:%M') $1: $2" >> "$DATA_DIR/history.log"; } ... cmd_hash() { echo "$1" | sha256sum ...; _log "hash" "${1:-}"; }

Recommendation

Avoid entering secrets, personal data, breach details, or other sensitive material; the maintainer should disclose, minimize, or disable command-argument logging.

What this means

It may be hard to know which script would actually run as `gdpr-checker` or whether the local command matches the reviewed artifacts.

Why it was flagged

The skill still documents running `gdpr-checker` and includes executable scripts, so the install and command provenance are unclear even though no remote installer or package execution is shown.

Skill content

No install spec — this is an instruction-only skill.

Recommendation

Verify the command path before use and prefer a maintainer-provided install spec that clearly maps the CLI command to the intended GDPR script.