ClawAudit verdict
safe
uwvwko-safe
Executes processes AND makes external network calls
Web browsing security protection skill that lists dangerous patterns (/etc/passwd, .ssh, eval) as things to DETECT and BLOCK — all sensitive references are in a defensive context defining what the skill should prevent, not execute.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
What it does
These are capability combinations: each listed behavior occurs in the skill, but ClawAudit detects co-occurrence — it does not verify that one flows into another. Read the code to confirm a live chain.
Executes processes AND makes external network calls — may exfiltrate command output
LLM02 · LLM06 · ASI03
Permission integrity
network_out
Findings (10)
Recursive delete from root or home — destructive command
SKILL.md · code · rm -rf /
Accesses sensitive system files
SKILL.md · prose · downgraded · /etc/passwd
Uses eval() — can execute arbitrary code
SKILL.md · prose · downgraded · eval(
Uses exec() — may execute shell commands
SKILL.md · code · exec(
Accesses process.env — reads environment variables
SKILL.md · code
References sudo — requests elevated privileges
SKILL.md · prose · downgraded · sudo
Accesses .ssh directory
SKILL.md · prose · downgraded · .ssh/
References SSH/GPG private keys
SKILL.md · prose · downgraded · ssh_key
Accesses sensitive environment variables
SKILL.md · code · process.env.API_KEY
fetch() — outbound network request
SKILL.md · code
Permissions & capabilities
No declared permissions — minimal attack surface.
credential_accessprocess_execnetwork_out Thanks — recorded.