Decomposes complex user requests into executable subtasks, identifies required capabilities, searches for existing skills at skills.sh, and creates new skills when no solution exists. This skill should be used when the user submits a complex multi-step request, wants to automate workflows, or needs help breaking down large tasks into manageable pieces.

Review

Audited by ClawScan on May 10, 2026.

Overview

This instruction-only planner is coherent, but it can direct the agent to globally install or create other skills without clearly requiring user review first.

Use this skill as a planning assistant, but do not let it install, create, or run new skills automatically. Review each proposed skill, its source, permissions, credentials, and any scheduled jobs before approving changes.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user could end up with unreviewed skills installed globally, which may change how the agent behaves in later tasks.

Why it was flagged

The documentation shows installing discovered third-party skills globally with an affirmative/noninteractive flag, but does not specify version pinning, source review, permission review, or user approval before installation.

Skill content

npx skills add <owner/repo@skill> -g -y

Recommendation

Require explicit user confirmation before installing any skill, avoid default use of -y and global installation, review source and permissions, and pin trusted versions where possible.

Concern (Medium Confidence)
ASI02: Tool Misuse and Exploitation

What this means

The agent may generate or prepare new automation capabilities that affect files, accounts, APIs, or future agent behavior without a clearly documented checkpoint.

Why it was flagged

Creating new skills is core to the stated purpose, but the artifacts do not define clear approval, review, testing, or containment steps before newly generated capabilities are used.

Skill content

automatically create new skills when no existing solution is available

Recommendation

Separate planning from execution: present the proposed new skill, requested permissions, generated files, and test plan to the user before creating, installing, or using it.

Note (Medium Confidence)
ASI10: Rogue Agents

What this means

Scheduled automations may continue running until disabled, potentially sending messages, accessing services, or processing data later.

Why it was flagged

The example workflow includes creating an active scheduled job, which is expected for automation planning but can persist after the initial request.

Skill content

name: "Configure scheduled execution" ... output: "Active scheduled job"

Recommendation

Ask the user to confirm any schedule, document where it is installed, and provide a clear disable or uninstall command.

What this means

If follow-on skills are installed or created, they may need access to private accounts or messaging channels.

Why it was flagged

The skill may identify workflows that require credentials or tokens for services such as email and Slack. This is expected for integrations, but these are sensitive privileges.

Skill content

input: "Email credentials/session" ... input: "Summary text, Slack webhook/token"

Recommendation

Use least-privilege tokens, confirm exactly which account access is needed, and avoid sharing credentials with newly generated or unreviewed skills.