Runtime Attestation Probe
Pass
Audited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent security-audit skill, but runtime probing should be limited to approved skills and controlled environments.
This skill looks suitable as an instruction-only security review aid. Before using it, decide exactly which skill and environment may be probed, avoid real production credentials or sensitive data unless necessary and approved, and treat any observed side effects from the target skill as potentially real.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, probing an untrusted or high-impact skill could exercise that target skill's tools or side effects.
The skill's core workflow can involve executing or instrumenting another skill. That is coherent for a runtime probe, but users should ensure the target and environment are explicitly approved and contained.
Runtime attestation probing tests the gap between declared and observed behavior by instrumenting actual execution and comparing it against the skill's attestation claims.
Run probes only against skills you are authorized to test, preferably in isolated or production-like test environments with clear limits on file, network, and account access.
Users have less external context for who maintains the skill or where its full project history lives.
The supplied metadata does not provide an upstream source or homepage. This is not a concrete unsafe behavior, especially because there is no install script or code file, but it limits provenance review.
Source: unknown; Homepage: none
Prefer skills with clear upstream provenance when available, or review the provided SKILL.md carefully before enabling it.
