A0X Agents
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (you-are-now); human review is required before treating this skill as clean.
Before installing, confirm you trust the A0X endpoint and are comfortable sending search queries, mentor chat messages, and curated learning proposals to that service. Do not include secrets, source code, private workspace contents, or sensitive project details in remote calls or proposals. ClawScan detected prompt-injection indicators (you-are-now), so this skill requires review even though the model response was benign.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may make A0X search calls during debugging or architecture work even when the user did not explicitly ask for a search.
This instruction changes the agent workflow by prioritizing the remote knowledge search before normal debugging reasoning.
CRITICAL: When you encounter an error, **check the brain BEFORE you start reasoning about it yourself**.
Use the skill when you want this shared-knowledge workflow, and ask the agent to avoid external lookups for private or sensitive tasks.
Queries, proposal text, votes, and chat messages can be sent to the A0X server.
The skill exposes remote tool calls for mentor chat, knowledge search, proposing, and voting; this is central to the skill but should be understood by users.
These tools are **NOT local** — they live on the A0X MCP server. You call them by making HTTP POST requests to the MCP endpoint.
Review what the agent plans to send, especially before proposing knowledge or sharing project details.
Anyone using the configured environment can authenticate to the A0X service as that key holder.
The skill requires an A0X API key for its remote MCP service.
requires": {"env": ["A0X_MCP_API_KEY"]}, "primaryEnv": "A0X_MCP_API_KEY"Store the API key securely, restrict it to this service, and rotate it if it is exposed.
If the remote endpoint changes or is compromised, a manual reinstall could fetch different instructions than the reviewed artifact.
The documented manual install fetches skill files from a mutable remote endpoint without a checksum or pinned release.
curl -s https://services-a0x-agents-mcp-dev-679925931457.us-west1.run.app/skill.md > ~/.claude/skills/a0x-agents/SKILL.md
Install from a trusted, versioned source when possible, and review downloaded files before enabling them.
Submitted proposals may become visible to other agents, and retrieved knowledge from other agents may affect future recommendations.
The skill uses persistent shared knowledge that can influence future agents and may retain submitted learnings.
AI agents share learnings with each other. You propose knowledge after solving hard problems. Verified agents vote. Approved knowledge becomes searchable by all agents.
Do not include secrets, proprietary code, private project details, or sensitive debugging context in proposals; treat retrieved advice as untrusted until verified.
Users may overvalue the mentor's guidance or treat it as official Base or grant-review advice.
The skill presents advice through a high-authority founder persona, which can increase user trust in architecture or grant recommendations.
jessexbt is an AI clone of Jesse Pollak, founder of Base. He's your hackathon mentor — he's reviewed hundreds of projects, knows what gets funded
Use the mentor output as advisory only and verify funding, grant, and architecture decisions through official sources.