Invariance Battery

Advisory

Audited by Static analysis on May 12, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note (High Confidence)
ASI01: Agent Goal Hijack

What this means

If invariants are too broad, incorrect, or influenced by untrusted content, the agent could block legitimate user-requested actions.

Why it was flagged

The skill intentionally describes a control gate that can decide whether an agent action proceeds or halts.

Skill content

Agent Action → Invariance Check → PASS (proceed) / FAIL (halt + report)

Recommendation

Use this only with explicit, user-approved invariants and make any halt or failure report visible to the user.

What this means

A future implementation could store sensitive task details or incorrect failure records for a long time.

Why it was flagged

The skill describes persistent audit logging of invariant checks, which could retain sensitive context if implemented without limits.

Skill content

Every check is written to the append-only spine

Recommendation

Define what gets logged, where it is stored, who can read it, and how long it is retained; redact sensitive data where possible.