Skill Creator
Security checks across malware telemetry and agentic risk
Overview
The skill appears aligned with creating and evaluating other skills, but users should review generated skill changes and be aware it uses local scripts that read eval outputs and serve local review pages.
This looks reasonable for a skill-building workflow. Before using it, review any generated or modified SKILL.md files, run evals only in workspaces that do not contain secrets, use an unused local port for the viewer, and treat bundled scripts from the unknown source as code you should inspect before relying on.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You may be relying on bundled scripts from an unverified source.
The skill includes bundled helper code but lacks an external source/homepage for provenance verification. This is not suspicious by itself, but users cannot easily compare it to an upstream project.
Source: unknown; Homepage: none; Code file presence: 10 code file(s); No install spec — this is an instruction-only skill.
Use only if you trust the registry owner/package, and review the bundled scripts before running them on important workspaces.
Running the viewer on an occupied port could stop another local process.
The local review server includes a helper capable of terminating whatever process is already listening on the chosen port. This is likely intended to clear port conflicts, but it can affect unrelated local services.
    def _kill_port(port: int) -> None:
        """Kill any process listening on the given port."""
        ...
        os.kill(int(pid_str.strip()), signal.SIGTERM)

Choose an unused port and confirm no important service is using it before running the eval viewer.
Sensitive eval outputs could be stored in local review artifacts and shown in the local browser viewer.
The viewer intentionally reads and persists eval outputs and feedback for review. If eval outputs contain private data, that data may be copied into generated HTML or feedback files.
Reads the workspace directory, discovers runs (directories with outputs/), embeds all output data into a self-contained HTML page, and serves it via a tiny HTTP server. Feedback auto-saves to feedback.json in the workspace.
Run evals in a dedicated workspace, avoid including secrets or private files in outputs, and delete generated review artifacts when no longer needed.
A generated skill might activate in situations where you did not expect it.
The skill recommends broad trigger wording to improve activation. This is disclosed and related to skill creation, but overly broad descriptions can cause future agents to invoke a skill more often than intended.
please make the skill descriptions a little bit "pushy"... "Make sure to use this skill whenever the user mentions dashboards... even if they don't explicitly ask for a 'dashboard.'"
Review generated skill descriptions and keep trigger language specific enough to match your intended use.
