critical
suspicious.dynamic_code_execution
- Location
- scripts/check.py:17
- Finding
- Dynamic code execution detected.
Skill Install Guardian
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.dynamic_code_execution
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI02: Tool Misuse and ExploitationWhat this means
Running the skill will execute local `npx clawhub` inspection commands and fetch information about the requested skill.
Why it was flagged
The script invokes a local CLI command to inspect ClawHub skills. This is expected for the scanner purpose, and the visible code validates the slug and uses list-form subprocess arguments.
Skill content
stdout, stderr, code = run_command(["npx", "clawhub", "inspect", slug, "--json"])
Recommendation
Use it only for intended skill slugs, review the generated report, and keep the owner-confirmation step before any installation.
NoteMedium Confidence
ASI04: Agentic Supply Chain VulnerabilitiesWhat this means
If `npx` resolves or updates the CLI from an external package source, the scanner depends on that package supply chain.
Why it was flagged
The skill relies on `npx` to run the ClawHub CLI, but the artifact does not pin a CLI package version or source. This is common and purpose-aligned, but it means the trust boundary includes the local or resolved `clawhub` CLI.
Skill content
requires":{"bins":["npx"]} ... npx clawhub inspect <skill-slug> --securityRecommendation
Prefer a trusted, pinned, or preinstalled ClawHub CLI when using this as a security gate.