Cross Domain Engine
AdvisoryAudited by Static analysis on May 12, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Research notes or correlation events may become hard to revise or remove if the agent follows the append-only model.
The skill instructs use of an append-only record of correlation events. This is purpose-aligned for auditability, but persistent records can preserve sensitive, mistaken, or poisoned context if a user or agent stores them.
**ACT** — Commit to append-only spine (no edits, no deletes)
Use this workflow only with non-sensitive research data unless you know where records are stored and how to mark, redact, or discard unwanted entries.
The installed skill appears to be documentation only; any separate script would need independent review before use.
The skill references a full implementation script, but the provided manifest contains only SKILL.md and no code files. This is not suspicious by itself, but users cannot review or rely on that implementation from the supplied artifacts.
See `scripts/correlation_engine.py` for the full implementation.
Do not run or trust any external `correlation_engine.py` unless it is provided from a known source and reviewed separately.