clawgod-claude-code-patch
github.com/aradotso/trending-skills
Scanned Thu, 28 May 2026 17:34:34 GMT
Scan ID crawl-yoiw2xy4u5itnkgnvco13hw1 · 1ms
C
SCORE 55 / 100
Verdict: Proceed with caution
4 high-severity findings.
This skill runs unsafe shell commands plus 4 other issues listed below.
0 critical4 high1 medium7 rules passed
Why grade C?
score · 55 / 100The current grade reflects 4 high-severity findings (3+ HIGHs → C).
0 CRIT4 HIGH1 MED0 LOW
To reach a higher grade
- BReach Btarget score 75
Resolve 2 of 4 HIGH (cap is 2).
- AReach Atarget score 95
Resolve all 4 HIGH.
Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.
Findings · ordered by severity
highDangerous shell pattern: curl | shellThe skill contains a shell command pattern (`curl | shell`) commonly used in destructive or supply-chain attacks.▾
Dangerous shell pattern: curl | shell
The skill contains a shell command pattern (`curl | shell`) commonly used in destructive or supply-chain attacks.
23### macOS / Linux
24```bash
25curl -fsSL https://github.com/0Chencc/clawgod/releases/latest/download/install.sh | bash← curl | shell — common in destructive or supply-chain attacks
26```
27
highDangerous shell pattern: curl | shellThe skill contains a shell command pattern (`curl | shell`) commonly used in destructive or supply-chain attacks.▾
Dangerous shell pattern: curl | shell
The skill contains a shell command pattern (`curl | shell`) commonly used in destructive or supply-chain attacks.
156```bash
157# macOS/Linux
158curl -fsSL https://github.com/0Chencc/clawgod/releases/latest/download/install.sh | bash← curl | shell — common in destructive or supply-chain attacks
159
160# Windows
highDangerous shell pattern: curl | shellThe skill contains a shell command pattern (`curl | shell`) commonly used in destructive or supply-chain attacks.▾
Dangerous shell pattern: curl | shell
The skill contains a shell command pattern (`curl | shell`) commonly used in destructive or supply-chain attacks.
168```bash
169# macOS/Linux
170curl -fsSL https://github.com/0Chencc/clawgod/releases/latest/download/install.sh | bash -s -- --uninstall← curl | shell — common in destructive or supply-chain attacks
171hash -r
172
highDangerous shell pattern: curl | shellThe skill contains a shell command pattern (`curl | shell`) commonly used in destructive or supply-chain attacks.▾
Dangerous shell pattern: curl | shell
The skill contains a shell command pattern (`curl | shell`) commonly used in destructive or supply-chain attacks.
190```bash
191# Re-run installer — it re-patches the new version
192curl -fsSL https://github.com/0Chencc/clawgod/releases/latest/download/install.sh | bash← curl | shell — common in destructive or supply-chain attacks
193```
194
medNo capability manifest declaredThe skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.rule: no-manifest▾
No capability manifest declared
The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.
rule:
no-manifestskillox.io/r/crawl-yoiw2xy4u5itnkgnvco13hw1