suspicious.dangerous_exec
- Location
- scripts/mermaid_render_multi.js:29
- Finding
- Shell command execution detected (child_process).
Advisory
Audited by static analysis on May 10, 2026.
Detected: suspicious.dangerous_exec
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may search externally, read the skill’s local reference files, and write generated PRD/prototype files when you provide a path.
The skill explicitly directs the agent to use browsing/search, local read/search, and file-write tools. These are aligned with research and PRD export, but they are real tool actions the user should notice.
Use the `WebFetch` tool to fetch official documentation, or use the `Grep`/`Read` tools to search the local reference documents. ... Once the user has specified a path, use the Write tool to save the file.
Provide only the information you are comfortable searching externally, and review the save path before allowing file writes.
Using the full export/rendering features may require installing additional Node/Python packages from package registries.
The skill relies on unpinned external packages for Mermaid rendering and Word export, while the registry-level install spec is absent. This is purpose-aligned but should be clearer before installation.
required_npm_packages:
  - "@mermaid-js/mermaid-cli" # npm install -g @mermaid-js/mermaid-cli
required_python_packages:
  - python-docx
Install dependencies from trusted registries, pin versions (and use a lockfile where the package manager supports one), and verify that global npm installs are acceptable in your environment.
Running the renderer can execute a local shell command for browser discovery.
The Mermaid renderer uses Node child_process shell execution to query the Windows registry for a browser path. The documented purpose mentions automatic browser detection, so this appears expected, but it is still local command execution.
const out = execSync(`reg query "${key}" /v Path`, { encoding: 'utf8', timeout: 5000 }).trim();
The call builds a shell command string by interpolating `key`, so it is only as safe as the source of `key`: when reviewing the script, confirm that `key` comes from a fixed list of registry paths inside the script rather than from user, config, or diagram input. Only run the renderer in a trusted project environment, and review the script if you are concerned about local command execution.
Product ideas, competitor names, or business details you provide could be included in external search queries.
The skill’s normal workflow sends research queries to a system-selected network search provider. This is disclosed and useful for market/competitor research, but the provider and data boundary are not specified.
Process: confirm requirements → ask clarifying questions → web search + RAG search ... Search strategy: prefer the most reliable web search tool available in the environment (selected automatically by the system)
Avoid sharing confidential roadmap, customer, or proprietary strategy details unless you are comfortable with them being used in external searches.