v1.0.0

AI-CLI Design

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:37 AM.

Analysis

This is a benign instruction-only CLI design guide; the main caution is that its suggested auto-confirm flags should be handled carefully for destructive commands.

GuidanceThis skill appears safe to install as a documentation-only guide. If you use it to design real CLI tools, be careful with --yes and --no-input options on commands that create, modify, delete, publish, or otherwise affect important data.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

支持 `--yes` / `--no-input` 跳过确认（AI 不能回答 y/n） ... `--yes, -y        自动确认所有提示`

The skill recommends auto-confirm and no-input flags for AI-friendly CLIs. This is coherent with the stated design purpose, but if applied to destructive or account-mutating commands it can reduce human confirmation.

User impactA CLI built using this guidance could let an agent bypass prompts if the user or tool designer exposes broad --yes behavior.

RecommendationWhen applying this guidance, keep destructive actions explicit, add dry-run or preview modes, scope --yes to user-approved operations, and preserve clear audit output.