v1.0.0

Shadow Traffic Tester

Review
ClawScan verdict for this skill. Analyzed May 1, 2026, 1:48 PM.

Analysis

This skill is coherent for shadow traffic testing, but it asks an agent/operator to change live Kubernetes resources and mirror production requests without enough visible safeguards.

Guidance: Review carefully before installing or using. Only run it with an explicitly selected Kubernetes context and namespace, start with a very low mirror percentage, confirm the shadow service cannot perform real writes or external side effects, and add dry-run, rollback, cleanup, and data-redaction steps before using it near production.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
kubectl get deployment "$SERVICE_NAME" -n "$NAMESPACE" -o json | python3 -c "..." | kubectl apply -f -

The setup workflow generates a modified Kubernetes deployment and pipes it directly into kubectl apply, which can mutate a live cluster using the current Kubernetes context.

User impact: If run against the wrong context or service, it could deploy workloads or alter cluster state in production.
Recommendation: Require explicit context, namespace, service, and approval before apply; add dry-run/diff steps, rollback instructions, and clear cleanup commands.

Cascading Failures
Severity: High; Confidence: High; Status: Concern
SKILL.md
mirrorPercentage:
      value: 100.0

The Istio example mirrors 100% of production traffic to the shadow service, which can increase load and can trigger downstream side effects if the shadow service is not isolated.

User impact: A shadow service could duplicate writes, emails, payments, cache updates, or backend calls, causing production-impacting failures even if user responses are discarded.
Recommendation: Default to a small mirror percentage, require side-effect-free shadow configuration, block or stub external writes, set quotas, and provide an emergency disable/rollback path.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
metadata
Source: unknown; Homepage: none; Required binaries (all must exist): none

The registry metadata does not provide provenance or dependency declarations even though the skill's instructions rely on Kubernetes command-line tooling.

User impact: Users have less context for trusting operational guidance that can affect production infrastructure.
Recommendation: Verify the skill author/source before use and document required tools, kubeconfig expectations, and supported environments.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
kubectl logs -l app="$SERVICE_NAME",version=v1 -n "$NAMESPACE" --tail=1000 --since=1h ... > /tmp/prod-access.log

The analysis workflow reads production service logs through kubectl and writes them locally, implying use of an authenticated Kubernetes identity with access to production workloads.

User impact: An agent using a broad kubeconfig could read sensitive logs or operate in the wrong cluster or namespace.
Recommendation: Use a dedicated least-privilege Kubernetes service account, require explicit kube-context confirmation, and limit log access to approved namespaces and services.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
mirror_request_body on; ... proxy_pass http://shadow$request_uri;

The Nginx mirroring example forwards full production request bodies to a shadow service, but the artifact does not define filtering, redaction, endpoint exclusions, or data-boundary controls.

User impact: Production payloads may contain personal data, secrets, tokens, or regulated information that would be copied to a test service.
Recommendation: Document what data is mirrored, exclude sensitive routes, redact headers/bodies where possible, and ensure the shadow service has equivalent privacy and access controls.