Task Finish Contract
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill is coherent and purpose-aligned, with minor cautions about autonomous follow-up wording, local file scanning, and persistent task evidence logs.
This skill appears safe to install as a process aid. Before using it broadly, make sure your agent still asks before important actions, avoids putting secrets in evidence, and keeps any memory or task logs limited to non-sensitive workspace information.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may be more likely to continue into execution-oriented responses instead of pausing after a plan.
These instructions deliberately change stopping conditions and push the agent toward producing execution evidence. That matches the skill's task-completion purpose, but it can affect how the agent responds when the user only wants planning or approval before action.
Planning-only replies: max 1 - Next reply MUST contain execution evidence - Never end with "I will now..." without tool result
Use this as a workflow aid, but require the agent to pause for explicit approval before risky, irreversible, public, or account-changing actions.
If run in a large or sensitive directory, the command could reveal secret values or private file contents in the session.
The checklist suggests a recursive PowerShell search through local files. It is intended to find sensitive strings before logging evidence, but matching lines may display secrets in the agent context or logs.
Get-ChildItem . -Recurse -File | Select-String -Pattern 'apiKey|token|secret|password' -CaseSensitive:$false
Run the scan only in the intended workspace, avoid pasting full secret-containing matches into task evidence, and prefer redacted or filename-only reporting when possible.
Task details or artifact references could persist beyond the immediate conversation if recorded in memory.
The verification criteria reference a persistent memory file for goal/progress/next tracking, and the evidence format may include artifact paths, URLs, or IDs.
Select-String "Goal" memory/{date}.mdKeep completion logs minimal, use relative paths, avoid credentials or personal data, and periodically prune task memory if it is no longer needed.