Is clippy safe?
https://clawhub.ai/foeken/clippy
The 'clippy' skill is an empty shell that delivers no functionality — its SKILL.md is blank and it contains no code. Its only artifact is a lock.json that references a different skill name ('academic-research-hub'), which is a suspicious mismatch that could enable dependency confusion or update-path hijacking. While not actively malicious in its current state, it provides zero value and introduces supply-chain risk as a potential placeholder for future malicious updates.
Category Scores
Findings (5)
MEDIUM Empty SKILL.md — no declared behavior -15 ▶
The skill's SKILL.md file is completely empty, meaning it injects no instructions into the agent's prompt. A legitimate skill should define its purpose and behavior. An empty skill that still installs artifacts is anomalous and could be a placeholder for future malicious content delivery.
MEDIUM Skill name mismatch in lock.json -20 ▶
The installed skill is 'clippy' but the lock.json references 'academic-research-hub'. This mismatch could enable dependency confusion: the lock file may trick the skill manager into treating 'academic-research-hub' as already installed, potentially blocking installation of a legitimate skill with that name or creating update-path hijacking opportunities.
LOW Zero-functionality skill occupying a skill slot -70 ▶
This skill delivers no functionality whatsoever — no prompt content, no code, no tools. Its only effect is creating a lock.json entry. This is a common pattern in supply-chain attacks: establish presence first, then push malicious updates later when the user has already trusted the package. While not actively harmful now, it provides no benefit and introduces unnecessary risk.
INFO No executable artifacts -15 ▶
The skill contains no executable code, scripts, hooks, or submodules. The attack surface from a code execution perspective is minimal.
INFO No data access patterns detected -15 ▶
No file reads, network calls, or encoding operations detected during installation or in skill contents.