Safety Report

E2E e2e-repro3-1772127182276

Name: E2E e2e-repro3-1772127182276
Author: VACInc

Deterministic end-to-end test skill for validating CLI publish lifecycle and verifying registry and metadata round-trips.

112Downloads

0Installs

0Stars

1Versions

CLI & Shell Tools1,805 Networking & DNS1,102 Automated Testing538

Security Analysis

medium confidence

Clean0.04 risk

The skill's declared purpose (deterministic end-to-end testing of a publish lifecycle) matches its minimal requirements — it is an instruction-only test helper that requests no credentials or installs — but the instructions are very sparse and incomplete.

Feb 26, 20261 files1 concern

Purpose & Capabilityok

Name and description claim an e2e test for CLI publish/install/update/delete and registry metadata. The skill requests no binaries, env vars, or installs, which is consistent for a simple instruction-only test helper.

Instruction Scopenote

SKILL.md contains only high-level steps ('Install the skill', 'Run the listed command examples', 'Confirm output') but provides no concrete command examples or targets. This vagueness gives the agent broad discretion at runtime and is incomplete for a deterministic test — not malicious but potentially risky if you expect automated execution without seeing exact commands.

Install Mechanismok

No install spec and no code files — lowest-risk pattern (instruction-only). Nothing is written to disk by installation because there is no installer.

Credentialsok

The skill declares no required environment variables, credentials, or config paths. There is no indication it needs access to external secrets or systems.

Persistence & Privilegeok

always is false, user-invocable is true, and model invocation is allowed (normal defaults). The skill does not request persistent presence or elevated system privileges.

Guidance

This skill appears to be what it says — a minimal e2e test helper with no credentials or installs — but the runtime instructions are incomplete (no concrete commands or expected outputs are provided). Before installing or allowing autonomous runs: 1) ask the publisher for the exact command examples and expected output, 2) review those commands yourself to ensure they don't touch systems you don't want tested, and 3) run the test in a sandbox or isolated environment first. If you plan to let the agent invoke the skill autonomously, require explicit, auditable command lists to avoid unintended actions.

Latest Release

v1.0.0

Initial release of e2e-repro3-1772127182276: - Provides a deterministic end-to-end test skill for ClawHub publish lifecycle. - Supports validation of CLI publish, install, update, and delete behavior. - Useful for verifying registry and metadata round-trips. - Includes clear usage instructions and expected outcomes for testing.

More by @VACInc

Google Keep

7 stars

Simple Backup

4 stars

E2E e2e-repro2-1772127134

0 stars

Perplexity Wrapped Search

0 stars

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Published by @VACInc on ClawHub