Expert Mode
PassAudited by ClawScan on May 15, 2026.
Overview
This looks like a benign project advisory skill that creates local expert notes, with no evidence of hidden credential use, exfiltration, or unsafe automatic execution.
Expert Mode appears safe for project-local advisory use. Before installing, be comfortable with it reading project notes and creating experts/ roster and dossier files. Ask for confirmation before edits outside those files, and treat generated expert advice as decision support rather than professional legal, medical, financial, or security advice.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may inspect your project notes and create or update expert files in the project.
The skill directs the agent to read project files and create local roster/dossier files. This is expected for an expert-review workflow and includes a guard to ask before surprising writes.
Read available project files when working inside a managed project: ... PROJECT.md ... PLAN.md ... LOG.md ... relevant refs/ or work/ files ... If no roster exists and writing files is appropriate, create it. If writing files would be surprising, ask first.
Use it in projects where local file review and note creation are acceptable; ask the agent to confirm before writing outside experts/ or other expected project folders.
If you choose to run the helper scripts manually, you are relying on code from a source without a published homepage in the provided metadata.
The registry metadata provides limited provenance and lists helper scripts, although there is no install spec and no visible instruction that automatically runs them.
Source: unknown; Homepage: none ... Required binaries: python3 ... Code file presence: scripts/make_expert_dossier.py, scripts/validate_expert_roster.py
Review the helper scripts or install only from a publisher you trust, especially before manually executing python scripts.
Outdated, overly broad, or user-inserted dossier content could influence later advice in the project.
The skill intentionally creates persistent project-local context that may be reused in later expert-mode responses.
stores them in a project-local roster, writes reusable expert dossiers, loads only the relevant expert context
Periodically review, archive, or delete stale expert dossiers, and avoid storing secrets or sensitive personal data in them.