http-retry

Pass

Audited by ClawScan on May 1, 2026.

Overview

This instruction-only HTTP retry skill is coherent and benign, but users should avoid applying automatic retries blindly to operations that can change data.

This skill appears safe as an instructional HTTP retry pattern. Before using it, make sure retries are appropriate for the request type, especially for POST or other operations that change data, and add service-specific safeguards where needed.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If copied into workflows that perform state-changing HTTP calls, automatic retries could accidentally repeat an action such as creating an order or submitting a transaction.

Why it was flagged

The example retries any HTTP request represented by the supplied options, without documenting method restrictions, idempotency keys, or special handling for mutating operations.

Skill content

const response = await fetch(url, { ...options, signal: controller.signal }); ... if (response.status === 429 || response.status >= 500) { ... continue; }

Recommendation

Use this pattern mainly for idempotent requests, add idempotency keys or explicit safeguards for mutating calls, cap retries, and consider honoring service-specific Retry-After guidance.