First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
3
Score
92/100
Findings (3)
Detects autonomous sub-agent or cron-based execution without human oversight
background process + autonomousRemove directives that force the agent to call specific tools or APIs not required for the skill's stated functionality. Tool calls should be determined by user intent, not embedded directives.
Likely FP if the skill legitimately needs to call other tools as part of its workflow (e.g., a deployment skill that calls git and cloud CLI tools).
Detects git clone of repositories followed by execution of cloned content
git clone https://github.com/drbarq/Pokemon-OpenClaw.git + cd Pokemon-OpenClaw
pip installReview the dependency tree for nested or transitive dependencies that introduce risk. Use tools like npm audit or pip-audit to identify known vulnerabilities in the dependency chain.
Likely FP if the flagged dependency is a standard, widely-used library with no known vulnerabilities at the time of scanning.
Detects pip install of arbitrary packages that modify the host environment
pip install pyPin all pip packages to exact versions (e.g., pip install package==1.2.3). Use a requirements.txt or pyproject.toml with pinned versions and hash verification.
Likely FP if the match is in documentation showing how to install the skill's own PyPI package.