Astro Project Analyzer

Pass

Audited by ClawScan on May 1, 2026.

Overview

This instruction-only Astro audit skill is purpose-aligned, with only expected read-only project inspection and local command examples to review.

This skill appears safe for normal Astro project audits. Before using it, be aware that it may read local project files and run simple read-only inspection commands, so avoid using it on projects containing secrets or content you do not want included in the analysis.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may inspect local project configuration and file listings to perform the audit.

Why it was flagged

The skill documents local shell commands for project discovery. They are read-only and scoped to typical Astro project files, so this is purpose-aligned but worth noticing.

Skill content

cat astro.config.mjs 2>/dev/null || cat astro.config.ts 2>/dev/null
find src -type f | head -50
ls src/pages/ src/layouts/ src/components/ src/content/ 2>/dev/null

Recommendation

Review commands before allowing them, and run the skill only in the intended project directory.

What this means

If followed, the skill may run simple local commands to inspect project metadata.

Why it was flagged

The skill includes a local Python one-liner to parse package.json. This is command execution, but it is read-only and directly supports detecting the Astro version.

Skill content

cat package.json | python3 -c "import json,sys; d=json.load(sys.stdin); print('Astro:', d.get('dependencies',{}).get('astro', d.get('devDependencies',{}).get('astro','not found')))"

Recommendation

Allow only the displayed, purpose-aligned inspection commands and avoid granting broader shell actions unless you request them.

What this means

Project source, filenames, frontmatter, and content details may be reviewed by the agent while performing the audit.

Why it was flagged

The skill is designed to inspect project source and content collection data. This is expected for the audit, but local unpublished content may enter the agent context during analysis.

Skill content

Audit content collections for consistency

If using content collections (`src/content/`):
- Frontmatter consistency across entries
- Missing required fields

Recommendation

Avoid using the skill on projects that contain secrets or private content you do not want included in the analysis context.