Observability & Reliability Engineering

AdvisoryAudited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence

ASI06: Memory and Context Poisoning

What this means

If implemented carelessly, logs and dashboards could retain sensitive user or business data longer than intended.

Why it was flagged

The skill recommends structured observability logs that may contain persistent user and business identifiers, while also explicitly advising anonymization and secret/PII scrubbing.

Skill content

client_ip: 203.0.113.42  # Anonymize in logs if needed ... business: user_id: "usr_456" ... amount_cents: 4999 ... Never log secrets ... PII & Secret Scrubbing

Recommendation

Use the provided scrubbing patterns, minimize logged fields, avoid secrets and direct PII, and enforce log retention and access-control policies.