ClawHub
Back to skill
v1.0.0

Autonomia Agente

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:56 AM.

Analysis

This instruction-only skill is not visibly malicious, but it asks the agent to act proactively and persistently capture interactions without clear limits.

GuidanceReview this skill before installing if you do not want the agent to keep long-term notes or act proactively. If used, define what may be stored in .autonomia, how to delete it, what information must never be logged, and when the agent must ask before taking action.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
SeverityMediumConfidenceHighStatusConcern
SKILL.md
✅ **Check-ins proativos** — Monitora o que importa e reach out quando necessário

The skill encourages monitoring and proactive outreach without specifying when user approval is required or what actions are off-limits.

User impactThe agent may behave more autonomously than expected, initiating follow-ups or actions beyond the immediate user request.
RecommendationRequire explicit confirmation before external actions, messages, file changes, or account-affecting steps, and define what the agent may monitor.
Agent Goal Hijack
SeverityLowConfidenceHighStatusNote
SKILL.md
✅ **Relentless resourcefulness** — Tenta 10 abordagens antes de desistir

This changes the agent's stopping behavior by encouraging repeated attempts before giving up. It is purpose-aligned for an autonomy skill, but users should understand the persistence it requests.

User impactThe agent may spend more time or take more steps than the user expected unless limits are set.
RecommendationSet explicit limits for retries, tool use, time spent, and when the agent should stop and ask the user.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityMediumConfidenceHighStatusConcern
SKILL.md
✅ **Working Buffer** — Captura cada troca na zona de perigo

The skill says it captures every exchange, which can include sensitive user information, and the artifact does not define exclusions, retention limits, review, or deletion controls.

User impactPrivate details shared with the agent could be written into persistent memory and reused in later sessions, including stale or incorrect information.
RecommendationUse only with clear rules for what may be logged, where .autonomia files are stored, how long they are kept, and how the user can review or delete them.