Agent Debugger
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user changes exec settings to broader modes such as full access or disables prompts, the agent could run local commands with less oversight.
The skill documents exec-tool security settings, including options that could reduce command approval prompts. This appears as user-directed troubleshooting guidance for permission errors, not hidden execution.
"exec": { "security": "ask", // or "allowlist" or "full" ... "ask": "on-miss" // or "always" or "off" }Keep least-privilege settings, prefer explicit approval or allowlists, make any permission changes temporarily, and restore safer settings after debugging.
Saved memory may influence future answers or expose prior workspace details in the current session if used too broadly.
The skill encourages retrieving persistent memory files for certain answers. This is coherent with debugging memory behavior, but persistent memory can contain stale, private, or poisoned context.
Before answering anything about prior work, decisions, dates, people, or todos: run memory_search on MEMORY.md + memory/*.md
Search only relevant memory, verify retrieved information before relying on it, avoid storing secrets or sensitive personal data, and clear outdated memory entries.