Close Loop
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is coherent and not malicious, but it can automatically commit/move files and update persistent memory or rule files, so users should review its side effects before use.
Install only if you want a wrap-up skill that can make local project changes. Start with dry-run, inspect proposed commits, file moves, task updates, memory writes, and CLAUDE.md or rule-file edits, and only allow push/deploy/publish after confirming the target and scope.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A wrap-up request could result in local commits or other project changes before the user has reviewed the exact actions.
The skill explicitly defaults to direct execution and allows commits when the agent decides the local repo changes and message are clear, rather than requiring explicit user approval for each local mutation.
- Default is execution mode: perform actions directly. - Ask exactly one minimal question only when blocked by unclear irreversible operations. ... | Commit | Local repo changed and message is clear | Unclear scope for staged files | Repo locked or no write permission |
Use dry-run first, or require explicit confirmation before commits, file moves, task closures, deploy scripts, or other side-effecting actions.
If approved or covered by project policy, the agent may push code, deploy, or publish using available permissions.
The skill may use the user's existing repository, deployment, or publishing authority, but the artifact does include an approval gate for these external actions.
- Only push, deploy, or publish externally when explicitly requested in this session or preapproved by project policy.
Confirm the intended remote, deployment target, and publishing platform before allowing these actions.
Incorrect, overbroad, or poisoned session conclusions could be saved into future context or project rules.
The skill can immediately write persistent memory and modify instruction/rule files based on the session. Although safeguards exist, these changes can affect future agent behavior without an explicit review checkpoint.
Apply low-risk improvements immediately: 1. Update relevant `CLAUDE.md` or scoped rule files. 2. Save stable insights to memory with confidence labels. 3. Draft skill or hook specs for repetitive patterns.
Review memory writes and changes to CLAUDE.md, .claude/rules, skill specs, or hook specs before keeping them; prefer dry-run for untrusted or complex sessions.