ClawAudit verdict
data-leak-detector
Fetches from network AND uses eval/Function
A static-analysis security tool that scans skill files for suspicious patterns locally; all capabilities (file read/write, process exec, network) are legitimately used for its stated auditing purpose with no evidence of exfiltration or malicious behavior.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
What it does
These are capability combinations: each listed behavior occurs in the skill, but ClawAudit detects co-occurrence — it does not verify that one flows into another. Read the code to confirm a live chain.
Fetches from network AND uses eval/Function — the remote-code-execution pattern (data-flow not verified)
LLM05 · LLM06 · ASI05
Writes files AND executes processes — may drop and execute malicious scripts
LLM05 · LLM06 · ASI05
Reads files AND uses eval/Function — may execute locally stored payloads
LLM05 · LLM06 · ASI05
Reads local files AND makes external network calls — the capabilities for data exfiltration co-occur (data-flow not verified)
LLM02 · LLM06 · ASI03
Executes processes AND makes external network calls — may exfiltrate command output
LLM02 · LLM06 · ASI03
Accesses credentials AND writes files — may persist stolen credentials locally
LLM02 · LLM06 · ASI03
Both reads and writes files — verify scope is limited to intended directories
LLM06 · ASI02
Permission integrity
network_out
Findings (2)
Opens WebSocket connection
SKILL.md · code · websocket
Popular HTTP library — network access
SKILL.md · code · axios
Permissions & capabilities
Requires 1 system binary.
network_outfile_readfile_writeprocess_execdynamic_evalcredential_access Thanks — recorded.