Multi-Skill Automation Suite
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
This skill advertises broad automatic control over system security, Git workflows, browser actions, and skill installation/update behavior without included implementation or clear user controls.
Review carefully before installing. Do not allow automatic skill installation, updates, host hardening, firewall/SSH changes, Git pushes, or background monitoring unless the maintainer provides clear implementation details, trusted provenance, explicit approval prompts, and rollback instructions.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could be encouraged to change network access, system security settings, or repository state in ways that are difficult to review or undo.
These are high-impact system and repository mutation capabilities, but the artifacts do not define approval requirements, target scope, rollback behavior, or safe limits.
"Host Security Hardening", "Firewall & SSH Management", "Repository Monitoring: Automatic status checking and updates"
Require explicit user confirmation for every mutating action, document exact commands and scope, and provide rollback instructions before using these capabilities.
Improperly scoped use could lock users out, open access unexpectedly, or make privileged system changes without adequate review.
Firewall and SSH configuration commonly require elevated local privileges and can affect account or host access, but the skill does not specify privilege boundaries or user authorization checks.
"Firewall & SSH Management: Secure network access configuration"
Only allow these operations after explicit user approval, show the exact configuration diff, and avoid privileged execution unless the user specifically requests it.
The agent may install unreviewed skills that add new permissions, instructions, or unsafe behavior.
Automatically finding and installing additional skills can change the agent's behavior and trust boundary, but the artifacts provide no provenance checks, version pinning, review process, or allowlist.
"Skill Discovery: Find and install new agent skills automatically"
Disable automatic skill installation by default, require user review of each skill, and pin trusted sources and versions.
Users may rely on the agent to produce content designed to mislead detection or review systems.
The skill explicitly advertises bypassing detection systems, which is framed as evasion rather than transparent content processing.
"Humanize AI Text: AI text humanization to bypass detection systems"
Reframe this capability around legitimate editing and disclosure, and remove instructions that promote bypassing detection.
The agent could be encouraged to keep operating beyond a single user-requested task without clear limits.
Continuous monitoring implies ongoing or background activity, but the artifacts do not define how it starts, stops, stores state, alerts, or obtains user consent.
"Proactive Monitoring: Continuous system health monitoring and alerting"
Require an explicit opt-in schedule, visible status, stop/uninstall instructions, and scoped monitoring targets.