Redis Cluster Analyzer
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears to perform a purpose-aligned Redis configuration review using read-only discovery, with the main caution that it may read Redis secrets and application connection code.
Use this skill when you intentionally want a Redis audit. Limit it to relevant Redis and application files, verify any redis-cli commands target the correct environment, and ask for secrets such as passwords or connection strings to be redacted from the report.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may inspect Redis configuration files, application code, and live Redis metadata if you invoke it for an audit.
The skill instructs the agent to use local shell discovery and Redis CLI inspection. These are purpose-aligned and appear read-only, but they still interact with local files and a live Redis environment.
find /etc/redis/ -name "*.conf" -type f ... grep -rl "Redis\|redis\|ioredis\|redis-py\|RedisCluster" /path/to/app/ ... redis-cli INFO server 2>/dev/null
Use it only on intended Redis/project paths, confirm the target Redis instance, and avoid granting broader shell access than needed.
Redis passwords or connection details could be included in the agent's working context or report if present in the reviewed files.
Redis configuration and application connection code can include passwords, connection strings, hostnames, and other sensitive access details. This is expected for a Redis audit, but users should notice the credential exposure risk.
The agent parses each configuration to extract: ... **Server configuration** (bind, port, requirepass, maxclients) ... **Connection pool config** (from application code)
Provide only the files needed for the audit and ask the agent to redact secret values in its output.
You have less external provenance to rely on when deciding whether to trust the instructions.
The skill has limited provenance information. This is a low-severity note here because the artifacts show an instruction-only skill with no install script or code files.
Source: unknown Homepage: none
Prefer skills with clear source provenance for higher-assurance environments, or review the instructions carefully before use.