ClawAudit verdict

ctf-crypto

88
🟢 Trusted
Low risk — reviewed by ClawAudit, behavior matches stated purpose

A CTF cryptography reference skill covering standard cryptographic attack techniques (RSA, AES padding oracle, lattice reduction) for use in security competitions; all tool installations (pycryptodome, z3-solver, SageMath) are well-known CTF tooling.

⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.

Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.

security: 0
transparency: 70
maintenance: 70

Permission integrity

Installs packages at runtime — transitive dependencies are not auditable

package_install

Findings (6)

Pattern match critical

Unicode homoglyph detected — uses lookalike characters to evade pattern matching

advanced-math.md · code

Pattern match critical

Possible hardcoded credential

modern-ciphers-2.md · code · password = "complexPasswordWhichContainsManyCharactersWithRandomSuffixeghjrjg

Pattern match critical

Uses eval() — can execute arbitrary code

prng.md · code · eval(

Pattern match critical

Pipe to python — executes piped content as Python code

prng.md · code · | python3

Pattern match high

subprocess execution — runs system commands from Python

classic-ciphers.md · code · subprocess.run(

Pattern match high

Hex-encoded string — possible obfuscated payload

modern-ciphers-2.md · code · \x77\x40\x56\x0a\x1d\x64

Why the tier is capped

Execution sink present in raw bytes (Hard Floor: class D). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.

Permissions & capabilities

No declared permissions — minimal attack surface.

package_install
