Spec Coach
AdvisoryAudited by Static analysis on May 7, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may create or update a SPEC.md file in the active project directory.
This authorizes a local file write. It is central to the skill and gated on user approval, but users should still confirm the destination and whether an existing SPEC.md could be overwritten.
After approval, write `SPEC.md` in the current working directory unless the user gives another path.
Before approving final output, confirm the target path and ask the agent to check for an existing file or show a diff if needed.
Incorrect assumptions or sensitive project details in SPEC.md could influence later implementation work or be visible to others with workspace access.
Assumptions and project details can be persisted into the generated SPEC.md and later reused by implementation agents.
If still vague after 2 attempts, write an assumption and continue: `[ASSUMPTION: The system should respond within 2 seconds for normal requests.]`
Review the summary and final SPEC.md carefully, remove secrets or unnecessary sensitive details, and correct assumptions before using it for implementation.