Scan Report
0 /100
researchclaw
Autonomous research pipeline skill for Claude Code
Documentation-only skill for an autonomous research pipeline with appropriate declared permissions and no malicious indicators in the SKILL.md file.
Safe to install
No action required. The SKILL.md is a legitimate documentation file for a research pipeline tool. If deploying this skill, verify the 'researchclaw' CLI tool is from a trusted source.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md: Tools Required section declares file read/write for config and artifac… |
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md: Declares Bash for CLI execution and experiment modes (sandbox/ssh_remo… |
File Tree
1 files · 4.5 KB · 133 lines Markdown 1f · 133L
└─
SKILL.md
Markdown
Security Positives
✓ Documentation-only skill with no executable code present
✓ Permissions (filesystem:WRITE, shell:WRITE) are appropriate for the stated research pipeline purpose
✓ Experiment execution modes (simulated/sandbox/ssh_remote) are clearly documented in experiment modes table
✓ No base64 encoding, eval(), or obfuscated code patterns
✓ No credential harvesting or data exfiltration mentioned
✓ No sensitive path access (~/.ssh, ~/.aws, .env) documented
✓ No curl|bash or wget|sh remote script execution patterns
✓ Configuration-based API key handling (llm.api_key_env) follows security best practices