Skill Install Guardian
Verdict: Pass
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate pre-install skill scanner: it runs the ClawHub CLI through local commands, and the static-scan `eval` alert is a false positive triggered by the skill's own detection patterns (the strings it searches other skills for), not by a call to `eval` in its code.
This skill is reasonable to use as a manual pre-installation checker, but do not treat it as a complete security guarantee. Review its report yourself, approve installation as a separate step, and consider running it against a trusted or pinned ClawHub CLI. Because the displayed `check.py` content is truncated, review the complete script before relying on it as a security gate.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill will execute local `npx clawhub` inspection commands and fetch information about the requested skill.
The script invokes a local CLI command to inspect ClawHub skills. This is expected for the scanner's purpose, and the visible code validates the slug and passes list-form subprocess arguments, so the slug is never interpolated into a shell string. Note that list-form arguments stop shell injection but not argument injection: a slug beginning with `-` would still reach the CLI as an option, so the strength of the slug check matters, and that check is not fully visible in the truncated script.
stdout, stderr, code = run_command(["npx", "clawhub", "inspect", slug, "--json"])
Use it only with intended skill slugs, review the generated report, and keep the owner-confirmation step before any installation.
If `npx` resolves or updates the CLI from an external package source, the scanner depends on that package supply chain.
The skill relies on `npx` to run the ClawHub CLI, but the artifact does not pin a CLI package version or source. This is common and purpose-aligned, but it means the trust boundary includes whichever `clawhub` CLI `npx` resolves, whether a local install or a package fetched at run time.
requires":{"bins":["npx"]} ... npx clawhub inspect <skill-slug> --security
Prefer a trusted, pinned, or preinstalled ClawHub CLI when using this as a security gate.
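The two findings above (slug validation with list-form subprocess arguments, and the unpinned `npx clawhub` supply-chain dependency) can be addressed together in a small wrapper. The following is an added example written for this review, not code from the Skill Install Guardian skill or from ClawHub. It assumes a slug grammar (lowercase letters, digits and hyphens, no leading hyphen), that the CLI is published on npm under the package name `clawhub` so that `clawhub@<version>` pins it, and a hypothetical version `1.2.3`; the `which` parameter is there only so CLI resolution can be exercised without a real install.

```python
import re
import shutil
import subprocess
from typing import Callable, Optional

# Assumed slug grammar (not taken from the audited skill): lowercase letters,
# digits and hyphens, no leading hyphen, at most 64 characters. The
# no-leading-hyphen rule matters because list-form subprocess arguments stop
# shell injection but not argument injection: a "slug" such as "--help" or
# "-x" would still reach the CLI as an option.
SLUG_RE = re.compile(r"^[a-z0-9][a-z0-9-]{0,63}$")


def is_valid_slug(slug: object) -> bool:
    """True only for strings matching the assumed slug grammar."""
    return isinstance(slug, str) and SLUG_RE.fullmatch(slug) is not None


def validate_slug(slug: str) -> str:
    """Return the slug unchanged, or raise ValueError for anything suspicious."""
    if not is_valid_slug(slug):
        raise ValueError(f"refusing suspicious skill slug: {slug!r}")
    return slug


def resolve_cli(
    pinned_version: Optional[str] = None,
    allow_npx: bool = False,
    which: Callable[[str], Optional[str]] = shutil.which,
) -> list[str]:
    """Choose the ClawHub CLI invocation in decreasing order of trust.

    1. A preinstalled `clawhub` binary on PATH (operator-controlled).
    2. Only when explicitly allowed, `npx` with a pinned package spec such as
       `clawhub@1.2.3` (the npm package name and the version are assumptions).
    A bare `npx clawhub` is never produced, because that lets npx resolve and
    possibly fetch whatever version the registry currently serves.
    The `which` parameter exists so the PATH lookup can be replaced in tests.
    """
    local = which("clawhub")
    if local:
        return [local]
    if allow_npx and pinned_version:
        return ["npx", f"clawhub@{pinned_version}"]
    raise RuntimeError(
        "no trusted ClawHub CLI: install clawhub on PATH, or set allow_npx "
        "together with a pinned version"
    )


def build_inspect_command(
    slug: str,
    pinned_version: Optional[str] = None,
    allow_npx: bool = False,
    which: Callable[[str], Optional[str]] = shutil.which,
) -> list[str]:
    """Build the argv list for `clawhub inspect <slug> --json`; nothing is run."""
    cli = resolve_cli(pinned_version, allow_npx, which)
    return [*cli, "inspect", validate_slug(slug), "--json"]


def run_inspect(slug: str, pinned_version: Optional[str] = None,
                allow_npx: bool = False, timeout: int = 60):
    """Run the inspection with list-form arguments and no shell, returning
    (stdout, stderr, returncode) in the same shape as the skill's run_command."""
    cmd = build_inspect_command(slug, pinned_version, allow_npx)
    proc = subprocess.run(cmd, capture_output=True, text=True,
                          timeout=timeout, shell=False, check=False)
    return proc.stdout, proc.stderr, proc.returncode


if __name__ == "__main__":
    # Shows which invocation would be used on this machine; nothing is executed.
    print(build_inspect_command("skill-install-guardian",
                                pinned_version="1.2.3", allow_npx=True))
```

The design choice is that the default path never falls back to an unpinned `npx` fetch: an operator either installs the CLI themselves or opts in to a specific version, which keeps the supply-chain decision explicit rather than buried in a `requires` block.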
