Coding Guidelines
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
This skill appears safe to install as a coding-workflow guide. Be aware that it may encourage the agent to use stored coding preferences, write planning notes, and delegate larger tasks to subagents, so avoid including secrets or unnecessary private files in coding context. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Stored preferences may influence coding assistance across tasks.
The skill instructs the agent to use stored user preferences as context for coding work. This is relevant to the skill's purpose, but persistent memory can affect future outputs if it is stale or incorrect.
Things the user has strong opinions about (check MEMORY.md / friend memory)
Review or update any persistent memory/preferences if the agent starts following outdated or unwanted coding conventions.
For larger tasks, parts of the coding context may be delegated to subagents.
The skill recommends subagent use for larger coding tasks. This is disclosed and paired with safeguards such as minimum viable context and review before proceeding, but it may involve sharing task context with additional agent instances.
When to spawn subagents... Multi-file changes spanning 3+ files
Use subagents only for appropriate multi-part work and avoid sharing unnecessary sensitive files or secrets in delegated context.