picoclaw
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [SAFE]: The skill content consists of documentation and configuration examples for the PicoClaw tool. No malicious logic, prompt injections, or obfuscated payloads were detected.
- [NO_CODE]: The skill contains only markdown documentation and does not ship with executable scripts or binaries.
- [COMMAND_EXECUTION]: The skill documents the command execution capabilities of the PicoClaw agent and the cron service. It includes specific guidance on utilizing the built-in execution guardrails and deny patterns to prevent unauthorized or destructive operations.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing additional functionality (skills) from GitHub repositories and third-party registries, which is a core feature of the documented software ecosystem.
Audit Metadata