v1.0.0

Multi-Skill Automation Suite

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:11 AM.

Analysis

This skill advertises broad, high-impact automation such as system hardening, Git pushes, background monitoring, and automatic skill installation without clear approval, scoping, or provenance controls.

GuidanceReview carefully before installing. This suite is very broad and under-specified: only install it if you are comfortable with an agent potentially being guided toward system configuration changes, repository publishing, background monitoring, and adding other skills. Prefer separate, narrowly scoped skills with clear approval prompts, version pinning, and documented rollback steps.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityHighConfidenceHighStatusConcern

README.md

- **Skill Discovery**: Automatically find and install new agent skills

Automatically installing additional agent skills can change the agent's capabilities and trust boundary, but the artifacts do not define trusted sources, version pinning, review, or explicit approval.

User impactThe agent could add or update other skills that the user has not reviewed, potentially expanding what the agent can do.

RecommendationRequire explicit user approval for every skill install or update, document trusted sources, pin versions, and show what permissions each added skill receives.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

README.md

- **Host Security Hardening**: Automated security configuration and hardening
- **Firewall & SSH Management**: Secure network access configuration

Firewall, SSH, and host hardening changes are high-impact system mutations. The artifacts do not describe dry-run behavior, approval gates, rollback, OS limits, or which settings may be changed.

User impactImproper or overbroad automation could change network access, lock users out, weaken security, or alter system behavior.

RecommendationLimit system changes to explicit user-requested operations, provide dry-run output, require confirmation before mutation, and document rollback steps.

Rogue Agents

SeverityMediumConfidenceHighStatusConcern

SKILL.md

- **Proactive Monitoring**: Continuous system health monitoring and alerting

Continuous monitoring implies persistent or background activity. The artifacts do not explain how it is started, stopped, scheduled, logged, or constrained.

User impactThe skill may encourage ongoing activity beyond a single user request, with unclear control over resource use and data observation.

RecommendationMake monitoring opt-in, define schedules and retention, provide a clear disable command, and avoid background operation unless the user explicitly enables it.

Human-Agent Trust Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

- **Humanize AI Text**: AI text humanization to bypass detection systems
- **Content Optimization**: Make AI-generated content sound natural and undetectable

The advertised purpose includes evading detection and making AI-generated content 'undetectable,' which is a deception-oriented and unsupported trust claim.

User impactUsers may rely on the skill for deceptive or policy-violating content workflows, and the 'undetectable' claim may create false confidence.

RecommendationRemove detection-evasion claims and describe legitimate editing or style-improvement use cases with clear limitations.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceMediumStatusConcern

SKILL.md

- **Code Management**: Repository status checking, commit management, and push automation

Pushing commits can act under the user's configured Git identity and remote credentials, but the artifacts do not bound remotes, branches, approvals, or credential use.

User impactThe agent could make or publish repository changes under the user's account if invoked too broadly.

RecommendationRequire confirmation before commits or pushes, show diffs and destination remotes, restrict branches by default, and document how Git credentials are used.