AutoSkill Local Skill Manager
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is coherent for managing local agent skills, but it can proactively analyze sessions and propose durable skill-file changes, so users should review diffs and external searches carefully.
Before installing, understand that this skill is meant to proactively notice reusable patterns and propose updates to local agent skills. Only approve exact diffs and paths you understand, avoid storing secrets or sensitive project details in skills, and use local-only discovery when the topic is private.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Approved skill updates can persist personal preferences, team rules, or workflow conventions and may influence future agent behavior.
The skill is intentionally designed to preserve reusable session knowledge into local skills that may be reused in future sessions.
Maintain the user's personal local skill files as a lightweight self-improving memory system.
Review proposed skill text before approving it, avoid saving secrets or overly broad rules, and keep backups of important local skills.
If a user approves a bad proposal, local agent skills could be changed in ways that affect future tasks.
The skill can manage high-impact local skill actions, including deletion, import, installation, and rewriting, but the documented workflow requires user confirmation.
Requires user confirmation before creating, updating, deleting, importing, installing, enabling, or materially rewriting skills.
Approve only narrowly scoped changes with clear target paths and understandable diffs; do not approve destructive or broad changes unless intended.
A query derived from personal or team-specific workflow material could reveal limited context to an external skill-search service.
External skill discovery is disclosed and purpose-aligned, but search queries may leave the local environment.
Searches local skills first, then uses external sources such as `npx skills find <query>` and skills.sh when external discovery is requested or duplicate risk is high.
Ask the agent to use local-only search for sensitive topics, or review/redact external search queries before they are sent.