dr-context-pipeline Security Report — Trusted | ClawSafe

0 /100

dr-context-pipeline

Deterministic memory/context pipeline for agents: route a user message, retrieve relevant memory snippets, compress into a cited Context Pack, lint, and fall back safely.

A clean, legitimate memory/context pipeline skill with no malicious behavior, no undeclared permissions, and documentation that accurately reflects implementation.

Skill Namedr-context-pipeline

Duration26.4s

Enginepi

✓

Safe to install

No action needed. The skill is safe to deploy.

Resource	Declared	Inferred	Status	Evidence
Filesystem	`WRITE`	`WRITE`	✓ Aligned	install_pipeline.py:34 — shutil.copytree for targeted pipeline installation
Network	`NONE`	`NONE`	—	No network calls in any script
Shell	`NONE`	`NONE`	—	No subprocess/os.system calls in any script
Environment	`NONE`	`NONE`	—	No os.environ access in any script
Skill Invoke	`NONE`	`NONE`	—	No dynamic skill invocation
Clipboard	`NONE`	`NONE`	—	No clipboard access
Browser	`NONE`	`NONE`	—	No browser automation
Database	`NONE`	`NONE`	—	No database access

1 findings

🔗

Medium External URL 外部 URL

https://json-schema.org/draft/2020-12/schema

assets/context_pipeline/schemas/context_pack.schema.json:2

File Tree

20 files · 49.5 KB · 1455 lines

JSON 6f · 518L YAML 2f · 344L Python 3f · 308L Markdown 7f · 243L Text 2f · 42L

├─ ▾ 📁 assets

│ └─ ▾ 📁 context_pipeline

│ ├─ ▾ 📁 schemas

│ │ ├─ 📋 context_pack.schema.json JSON 119L · 3.3 KB

│ │ └─ 📋 retrieval_bundle.schema.json JSON 69L · 2.0 KB

│ ├─ ▾ 📁 tests

│ │ └─ 📋 golden.json JSON 56L · 1.4 KB

│ ├─ 📝 always_on.md Markdown 25L · 1.5 KB

│ ├─ 📄 compressor_prompt.txt Text 21L · 1.1 KB

│ ├─ 📝 README.md Markdown 20L · 919 B

│ └─ 📋 router.yml YAML 172L · 4.0 KB

├─ ▾ 📁 references

│ ├─ ▾ 📁 schemas

│ │ ├─ 📋 context_pack.schema.json JSON 119L · 3.3 KB

│ │ └─ 📋 retrieval_bundle.schema.json JSON 69L · 2.0 KB

│ ├─ ▾ 📁 tests

│ │ └─ 📋 golden.json JSON 86L · 2.2 KB

│ ├─ 📝 APPLY.md Markdown 34L · 2.1 KB

│ ├─ 📄 compressor_prompt.txt Text 21L · 1.1 KB

│ ├─ 📝 configure_prompt.md Markdown 38L · 2.1 KB

│ ├─ 📝 deterministic_ids.md Markdown 22L · 775 B

│ ├─ 📋 router.yml YAML 172L · 4.0 KB

│ └─ 📝 RUNTIME_CHECKLIST.md Markdown 29L · 1.6 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 install_pipeline.py Python 69L · 2.0 KB

│ ├─ 🐍 memory_watchdog.py Python 103L · 3.4 KB

│ └─ 🐍 validate_pipeline.py Python 136L · 4.7 KB

└─ 📝 SKILL.md Markdown 75L · 6.0 KB

Security Positives

✓ SKILL.md accurately describes all script behavior with no hidden functionality

✓ No network requests, credential access, or data exfiltration in any script

✓ install_pipeline.py only copies files to a specific target directory using shutil.copytree

✓ validate_pipeline.py only hashes and compares files, reads JSON schemas — purely local operations

✓ memory_watchdog.py only checks file mtimes and sizes in the memory directory — no writes or network

✓ No subprocess, os.system, or shell execution anywhere

✓ No base64, eval, or obfuscation patterns

✓ No sensitive paths accessed (~/.ssh, ~/.aws, .env)

✓ Dependencies: only Python stdlib (hashlib, json, shutil, pathlib, dataclasses, datetime, argparse) — no third-party packages required

✓ Version not pinned for stdlib — irrelevant since stdlib has no external attack surface

✓ Scripts are deterministic and read-only after installation (watchdog only reads mtimes/sizes)

Scan Report

File Tree

Security Positives