ClawAudit verdict
围棋定式数据库
weiqi-joseki
Local Go game joseki database built from KataGo archives with fully local data storage; file_read is for reading local SGF game files, consistent with the stated purpose.
⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
Permission integrity
file_read
Findings (2)
Recursive delete from root or home — destructive command
SKILL.md · code · rm -rf ~
Python urllib.request — network access
src/extraction/katago_downloader.py · prose · downgraded · urllib.request
Permissions & capabilities
No declared permissions — minimal attack surface.
file_read Is this flag fair?
Thanks — recorded.