architect-review
PassAudited by ClawScan on May 11, 2026.
Overview
This instruction-only architecture review skill appears purpose-aligned and report-only, with normal caveats around reading project files, optional subagents, and report metadata.
Before installing, be aware that this skill is meant to read project specs and selected source files to produce a report. Use sequential mode for sensitive projects, review generated report metadata before sharing, and verify the publisher because the registry source is not identified.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may inspect source files, specs, and security-related design files in the project to prepare the report.
The skill asks the agent to inspect project files, including architecture and security-related areas. This is expected for architecture review, but users should know it may read sensitive project structure or security design information.
For EACH dimension... Read relevant project files for this dimension: ... Security → auth, trust boundaries, secrets handling
Use it only in projects you are comfortable having reviewed by the agent/model, and avoid keeping real secrets in source files.
If the report is saved or shared, future agents may use its embedded metadata and issue locations.
The report template intentionally creates machine-readable metadata for future agents. This is purpose-aligned, but persistent report metadata and file paths could influence later automation.
At the END of the report file, include a hidden metadata block for downstream agents... This metadata enables a separate fix agent to: Parse the report programmatically; Navigate directly to problem locations
Review generated reports, including hidden or machine-readable sections, before sharing them or using them to drive automated fixes.
If you request parallel/subagent mode, project summaries, requirements, and relevant file paths may be passed to other agents or models.
The skill can send review context to subagents in an explicitly requested parallel mode. The opt-in requirement is a good boundary, but project context may still be shared across agent/model boundaries.
Optional: Parallel (subagents) - Only use Task tool if the user explicitly says "并发" / "parallel" / "用子 agent".
Use the default sequential mode for highly sensitive projects unless you are comfortable with subagent/model sharing.
You have less external provenance to verify who maintains the skill, but the supplied artifacts do not show executable code or install-time behavior.
The skill has limited provenance information, although there is no executable install mechanism or code package shown.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Install only if you trust the publisher or have reviewed the installed instruction files yourself.