Joan Workflow

Pass

Audited by ClawScan on May 1, 2026.

Overview

This is a coherent instruction-only Joan workflow guide, with only purpose-aligned cautions around account access, shared workspace changes, and persistent AI context files.

This skill appears safe to install as an instruction-only guide. Before following its commands, make sure you are using the intended Joan account and workspace, review generated CLAUDE.md context, and be careful with push, update, and archive commands because they can affect shared workspace data.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Following these commands may change or share workspace pods, todos, or plans with a team.

Why it was flagged

The documented Joan CLI workflows include actions that can update, archive, or push workspace content to a server. This is clearly related to Joan workflow management, but it can affect shared data.

Skill content

`joan pod push` ... `joan todo update <id>` ... `joan todo archive <id>` ... `joan plan push <todo-id>`

Recommendation

Confirm the target workspace, todo, pod, or plan before running push, update, or archive commands.

What this means

Using the integration may allow access to Joan workspaces available to the logged-in account.

Why it was flagged

The skill discloses OAuth-based Joan account authentication. This is expected for accessing a user’s Joan workspaces, but it gives the Joan CLI/MCP integration delegated account access.

Skill content

The MCP server uses OAuth 2.1 authentication. Authenticate via the CLI first with `joan auth login`.

Recommendation

Authenticate only with the intended Joan account and review the workspace access granted by that account.

What this means

Workspace knowledge may become persistent project context that future AI sessions read and rely on.

Why it was flagged

The skill documents generating a persistent CLAUDE.md file from Joan context. This is purpose-aligned, but content placed in an AI context file can influence later assistant behavior.

Skill content

`joan context claude` ... Generate CLAUDE.md with Joan context

Recommendation

Review generated CLAUDE.md content before relying on it, especially if pods are edited by multiple people.

What this means

Workspace and pod information may be accessed through Joan’s MCP service when configured and authenticated.

Why it was flagged

The skill discloses an external MCP server that can list workspaces and retrieve pod content. This is coherent with the Joan workflow, but it creates an external tool boundary for workspace data.

Skill content

Joan provides an MCP server at `https://joan.land/mcp/joan` with tools: `list_workspaces`, `list_pods`, `get_pod`.

Recommendation

Use the MCP integration only for workspaces where sharing pod content with the assistant is intended.