Nm Sanctum Pr Prep

Pass

Audited by ClawScan on May 9, 2026.

Overview

This instruction-only skill is coherently focused on preparing pull requests, with expected local quality-check commands and PR-description drafting steps.

This skill appears safe for its intended purpose. Before installing or using it, be comfortable with the agent running your repository's normal format, lint, test, and documentation-sync commands, and review any resulting file changes and the generated PR description before submission.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may run local build/test tools and apply fixes in the repository before drafting the PR.

Why it was flagged

The skill instructs the agent to run local project commands and potentially modify files to fix failures. This is expected for PR preparation, but users should notice that project tooling can execute code or change the working tree.

Skill content

Execute formatting, linting, and tests using project-specific commands (e.g., `make fmt`, `make lint`, `make test`). Resolve all failures before proceeding.

Recommendation

Use this skill in a trusted repository, review any file changes after quality gates run, and confirm project commands before allowing broad fixes.

What this means

The agent may update generated documentation or capability reference files when plugin files change.

Why it was flagged

The workflow can invoke a fix command when plugin capability reference files are out of sync. This appears limited and purpose-aligned, but it is still a repository-mutating action.

Skill content

If it reports discrepancies, run `/sync-capabilities --fix` or update the reference manually before proceeding.

Recommendation

Review generated documentation changes before committing or opening a PR.

What this means

Task-tracking entries may remain visible as workflow history or audit context.

Why it was flagged

The skill uses TodoWrite items as workflow state. This is disclosed and low risk, but it means progress/audit context may persist during or after the workflow.

Skill content

Create → Complete → (optionally) Delete stale items after workflow success. Keep proof-of-work and audit items intact.

Recommendation

Avoid placing secrets in task names or PR-prep notes, and clean up stale workflow items when appropriate.