briefing
Advisory. Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A normal request to use the skill could cause local shell code to run and install software if the CLI is not already present.
The skill tells the agent to run a shell installer automatically before using the CLI, rather than presenting installation as a separate user-approved setup step.
Before any execution, if the `briefing` binary is missing from PATH: ... If found, execute `bash {skillDir}/install.sh` to initialize the environment.
Require explicit user approval before running install.sh, and prefer a reviewed install spec or manual setup instructions for the first run.
The code that actually implements the skill can change outside the reviewed package, and dependency installation may execute or install unreviewed components.
The installer fetches mutable remote code and dependencies at install time without pinning a commit, release, or lockfile in the reviewed artifacts.
REPO_URL="${REPO_URL:-https://github.com/YutaiGu/skill-briefing.git}" ... git clone "$REPO_URL" "$INSTALL_DIR" ... git -C "$INSTALL_DIR" pull ... "$VENV_DIR/bin/pip" install -r "$INSTALL_DIR/requirements.txt"
Bundle or pin the reviewed CLI code to a specific commit/release, include a dependency lockfile, and avoid automatic git pull during installation.
Installing the skill may modify the user’s system-wide packages and executable paths, not just files inside the skill directory.
The installer can request administrator privileges to install system packages and write a global executable, despite the registry declaring no required binaries or install spec.
sudo apt-get update ... sudo apt-get install -y git curl python3.12 python3.12-venv ffmpeg ... sudo install -m 0755 "$tmpfile" "$target_path"
Clearly disclose required privileges, ask for user confirmation before sudo operations, and prefer a local user-scoped install where possible.
The user’s shell environment can remain changed after the skill is used, and the installed CLI may persist until manually removed.
The installer creates a persistent launcher and modifies shell startup files so the installed command remains available after the immediate task.
target_path="$target_dir/briefing" ... printf "\n%s\n" "$line" >> "$target" ... log "Added PATH entry to $target"
Make PATH/profile changes opt-in, document exactly what files are changed, and provide clear uninstall/rollback instructions.
Tracked-source history and transcripts may persist locally, and transcript text from external creators should be treated as untrusted content.
The skill appears to retain processed-item state and returns transcribed external video content into the agent context.
Use memory-based updates to skip already processed items ... Return the extracted whisper content.
Only track intended sources, review where output and state are stored, and treat returned transcripts as data rather than instructions.
