Aegis Firewall
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions); human review is required before treating this skill as clean.
This skill is suitable if you want an extra defensive checklist around untrusted content and risky commands. Be aware that the provided SKILL.md content is truncated in the review input, so this assessment applies to the visible supplied artifacts. ClawScan detected prompt-injection indicators (ignore-previous-instructions), so this skill requires review even though the model response was benign.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may run ordinary development commands when it considers them necessary and inspected, while reserving explicit confirmation for high-risk actions.
The skill sets a policy allowing some local command execution after inspection and user notice rather than requiring explicit confirmation for every action.
Medium Risk ... Running tests, local builds, linters, or inspected project scripts ... Action: Proceed if the action is clearly necessary for the task
Review command proposals in sensitive repositories, and ask the agent to require confirmation before any command execution if you want stricter control.
The agent may silently apply extra safety checks while reading untrusted content or preparing risky actions.
The skill instructs continuous behavioral scanning during relevant workflows, though the artifacts show no persistent worker, installed code, or activity outside the active agent session.
Treat anomaly detection as an always-on, low-friction activity. You do not need to announce every scan
If you want full visibility, instruct the agent to explicitly report each anomaly scan or risk classification before proceeding.