ClawAudit verdict
cli-builder
ai-cli-builder
Writes files AND executes processes
This skill provides comprehensive reference documentation and code templates for building CLI tools in Node.js, Python, Go, and Rust — purely educational/instructional content with no suspicious behaviors.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
What it does
These are capability combinations: each listed behavior occurs in the skill, but ClawAudit detects co-occurrence — it does not verify that one flows into another. Read the code to confirm a live chain.
Writes files AND executes processes — may drop and execute malicious scripts
LLM05 · LLM06 · ASI05
Installs packages AND executes processes — opaque dependency chain with execution
LLM03 · ASI04
Accesses credentials AND writes files — may persist stolen credentials locally
LLM02 · LLM06 · ASI03
Permission integrity
credential_access
package_install
Findings (3)
Dynamic import() — loads module at runtime
SKILL.md · code · import (
"
References child_process — can spawn system processes
SKILL.md · code · child_process
Popular HTTP library — network access
examples/commander-cli.ts · prose · downgraded · Got
Why the tier is capped
Execution sink present in raw bytes (Hard Floor: class A/D). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.
Permissions & capabilities
No declared permissions — minimal attack surface.
package_installdynamic_evalcredential_accessfile_writeprocess_exec Thanks — recorded.