盘古·skill
PassAudited by ClawScan on May 3, 2026.
Overview
This instruction-only skill looks coherent and non-malicious, but it can read and distill your knowledge-base content into reusable skill files, so review the scope and output carefully.
This skill appears safe to install as an instruction-only workflow, but use it with intentional scope: choose a specific knowledge base, folder, or document; remove confidential, personal, or copyrighted material you should not share; and review all generated files before zipping, uploading, or installing the resulting Skill.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private notes, proprietary documents, or prior-chat details could be summarized into generated Skill files that may later be reused, zipped, uploaded, or shared.
The skill may process an entire knowledge base or prior conversation and turn that material into persistent Skill content; this is central to its purpose but can carry private or prompt-like content into future reuse.
读取策略:- 完整蒸馏:读取知识库所有文件和文件夹结构 ... - 任务蒸馏:分析对话历史,提取完整工作流
Use a clearly bounded source, exclude secrets and personal data, and review the generated SKILL.md, references, assets, and examples before installing or sharing them.
The agent may create or modify files in the chosen Skill directory as part of normal use.
The instructions direct the agent to create a Skill directory and write files after confirmation. That is purpose-aligned, but it is still local/project file mutation.
Phase 1.5: 创建 Skill 目录 ... 收到确认后立即执行 ... 所有参考文件必须存在 skill 目录内部
Confirm the output path, keep backups for existing Skills, and inspect file diffs before registering or installing the generated Skill.
Any referenced knowledge base that the agent can access may be used as source material for the generated Skill.
The skill relies on the user agent's existing access to an IMA knowledge base. No credentials or tokens are requested, and this access is expected for the stated purpose.
本技能自动读取 IMA 知识库内容并蒸馏 ... 知识库必须可访问 — 使用 `@知识库名称` 引用
Reference only knowledge bases you own or are authorized to process, and avoid granting broader workspace access than needed.