Icp Filing
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a benign ICP filing guide, but it includes local CLI helper scripts that store small local logs/data and the install/entrypoint details are not clearly declared.
This skill looks safe for reading ICP filing guidance. Check the CLI setup before use, and do not put sensitive personal or business filing details into the generic local add/run commands unless you are comfortable with those details being saved under the skill’s local data directory.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may be harder to install or reason about because the documented CLI and shipped scripts are not tied together by a clear install specification.
The artifacts also include shell scripts and SKILL.md references an icp-filing CLI, so the package entrypoint and runtime requirements are not fully described.
No install spec — this is an instruction-only skill.
Before installing, confirm which script becomes the icp-filing command and whether bash/python3 are expected dependencies.
If users enter sensitive information into the generic add/run/search commands, it may remain in local data or history files.
The generic helper stores user-provided entries and command history in local files, creating persistent local state.
DATA_DIR="${ICP_FILING_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/icp-filing}"
DB="$DATA_DIR/data.log"
mkdir -p "$DATA_DIR"
_log() { echo "$(date '+%m-%d %H:%M') $1: $2" >> "$DATA_DIR/history.log"; }Avoid entering secrets or private filing materials into these generic commands unless you are comfortable with them being stored locally; use ICP_FILING_DIR to control the storage location.