Training Quiz
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent retail training quiz skill, with the main user-noticeable issue being that it stores and may report employee quiz progress.
This skill appears safe for its stated purpose. Before installing, decide whether employee quiz scores should be stored in agent memory, who may request progress reports, and how old training records should be removed or reviewed.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Employee quiz results and weak areas may persist across sessions and may be disclosed in progress summaries.
The skill creates persistent records containing staff IDs, quiz sessions, scores, weak categories, and badges, and it describes sharing those records with a manager.
Store per-employee progress in agent memory under `training_progress.<staff_id>` ... Report progress to manager on request
Use clear staff identifiers, confirm who is allowed to request progress reports, and define retention or deletion expectations for stored quiz history.