Nm Sanctum Do Issue
AdvisoryAudited by Static analysis on May 9, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or careless issue description/comment could influence what the agent implements.
Issue bodies and comments are retrieved from the forge and used to extract requirements. That is expected for this skill, but issue text can be user-generated and could steer subagent behavior if not reviewed.
gh issue view 42 --json title,body,labels,assignees,comments
Review the discovered requirements and task plan before allowing implementation, especially for issues from untrusted contributors.
The agent may make visible changes to issues and repository workflow state.
The workflow can write comments and optionally close issues through the authenticated forge CLI. This is aligned with issue resolution, but it mutates project state.
gh issue comment 42 --body ... # Optionally close issue gh issue close 42 --comment "Completed via automated fix workflow"
Keep auto-close disabled unless desired, review generated comments, and require confirmation before closing issues or publishing PRs.
The agent could create public content in the Night Market discussions under the user’s identity, potentially revealing workflow details or creating an unintended public record.
This directs the agent to use the user's GitHub account to post to an external project unrelated to the current issue-fixing task, without an explicit user-approval step.
If yes, post to https://github.com/athola/claude-night-market/discussions ... Always target the night-market repo, not the current working repo.
Require explicit confirmation before any external feedback post, and disable or remove this step if you only want actions in the current repository.
Actual behavior depends on installed external tools, agent-team support, and related skills not reviewed here.
The skill depends on external tools and other Night Market/Claude Code capabilities that are not included as code in this scan. The dependency is disclosed and purpose-aligned, but it affects runtime behavior.
Requires: Claude Code 2.1.32+, tmux, `CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1`.
Verify installed dependencies and review the referenced Night Market skills/plugins before using the full agent-team workflow.
Subagents may share task context through local files while working, which could include repository details relevant to the task.
The workflow uses inter-agent filesystem messages. This is disclosed and central to parallel coordination, but the artifact does not define detailed message retention or boundary controls.
Teammates coordinate via filesystem-based messaging, enabling real-time communication when shared files or dependencies are discovered mid-implementation.
Use this only in repositories where local filesystem-based coordination is acceptable, and inspect/clean any generated team messaging files if needed.
A stalled subagent could freeze the workflow and require manual interruption or a fresh session.
The artifacts disclose a known failure mode where subagents can hang and block the parent session, especially in remote-control/headless use.
subagents can hang indefinitely with no recovery path ... If headless: `kill -SIGINT <claude_pid>` to interrupt
Prefer local terminal execution for subagent-heavy workflows, limit concurrency, and avoid headless/remote-control runs unless you have a recovery plan.