ClawHub
Back to skill
v1.2.0

Maxwell Fea Simulation

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:12 AM.

Analysis

This appears to be a purpose-aligned Maxwell simulation helper, with the main caution being optional local Python scripts and dependencies for post-processing.

GuidanceBefore installing, note that the skill is primarily documentation plus local post-processing scripts. If you use the scripts, install Python dependencies from trusted sources and run them only on simulation files you intend to analyze.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
SeverityInfoConfidenceHighStatusNote
SKILL.md
python scripts/maxwell_post_processor.py --mode cogging_torque ... --file "torque_data.csv"

The skill documents local Python script execution for post-processing Maxwell simulation data. This is user-directed and matches the skill purpose, but it still means running included code locally.

User impactRunning the helper script can process local CSV data and create local output files such as plots.
RecommendationRun the script only when needed, from a project directory you control, and review the command arguments before using your own data files.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
scripts/maxwell_post_processor.py
依赖:
  pip install numpy matplotlib pandas scipy

The script documentation recommends installing unpinned Python packages. These dependencies are expected for numerical post-processing, but they are not captured in an install spec.

User impactIf the user installs these packages, they rely on the package source and versions available at install time.
RecommendationInstall dependencies from trusted package indexes, preferably in a virtual environment, and pin versions if reproducibility matters.