Scan Report
5 /100
calculator
Perform mathematical calculations and unit conversions
A straightforward calculator skill with well-sandboxed expression evaluation. No malicious behavior detected.
Safe to install
Skill is safe to use. The use of eval() is properly mitigated with whitelisted function names and empty builtins.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file read/write operations in calculator.py |
| Network | NONE | NONE | — | No network requests in calculator.py |
| Shell | NONE | EXEC | ✓ Aligned | SKILL.md declares python3 script execution via Bash (allowed-tools mapping) |
| Environment | NONE | NONE | — | No os.environ access |
| Skill Invoke | NONE | NONE | — | No cross-skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
File Tree
2 files · 10.6 KB · 310 lines Python 1f · 226L
Markdown 1f · 84L
├─
▾
scripts
│ └─
calculator.py
Python
└─
SKILL.md
Markdown
Security Positives
✓ Expression evaluation properly sandboxed with whitelisted function names
✓ __builtins__ set to empty dict {} preventing dangerous built-in access
✓ Explicit name validation against allowed_names before eval() execution
✓ No network requests or external communication
✓ No file system access beyond command-line arguments
✓ No credential or sensitive data access
✓ No obfuscation or suspicious code patterns