Factory
Warn
Audited by ClawScan on May 10, 2026.
Overview
This installer is not clearly malicious, but it would make broad, persistent changes by installing many unreviewed agent components and an optional search server with access to past sessions and code.
Install only if you trust the fortunto2/solo-factory and solograph projects. Prefer reviewing the remote repository first, pinning versions or commits, installing into one agent at a time, skipping MCP unless you need it, and checking any hooks or auto-start settings after installation.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A single setup command could alter several AI agent environments at once, not just the one the user intended.
The primary workflow tells the agent to perform a bulk installation across every detected agent environment, which can change multiple tools' behavior without per-agent scoping or rollback guidance.
npx skills add fortunto2/solo-factory --all ... installs all skills from GitHub to all detected agents
Install only into the specific agent you intend to use, review what will be added first, and provide rollback or uninstall steps before running bulk installs.
The behavior users receive depends on remote content that was not part of this scan and could change after review.
The reviewed artifact is only an installer instruction, while the actual skills are pulled remotely from GitHub without a pinned commit, package version, manifest, or reviewed code included here.
Method A (recommended): `npx skills` — works with any AI agent, installs from GitHub directly.
Review the GitHub repository and installed skill contents, prefer pinned versions or commits, and avoid installing changing remote bundles blindly.
The setup may keep extra agent components running or firing later, after the initial installation task is complete.
Hooks, additional agents, and MCP auto-start create persistent or automatically triggered behavior, but the artifact does not describe what the hooks do or how to disable them.
This installs all 23 skills + 3 agents + hooks + MCP auto-start in one command.
Use the plugin path only if you trust the full bundle; inspect hooks and auto-start configuration, and document how to disable or remove them.
Private notes, code, or past session content could be indexed and surfaced in later tasks in ways the user did not expect.
The optional MCP server can access and reuse knowledge base content, past coding sessions, and indexed project code, but the artifact does not define what data is included, excluded, retained, or shared back into future agent context.
`kb_search` — semantic search over knowledge base; `session_search` — search past Claude Code sessions; `project_code_reindex` — project registry
Configure explicit data scopes and exclusions before enabling MCP, and avoid indexing sensitive projects or past sessions unless needed.
Running this command executes code downloaded from the internet on the user's machine.
This is a user-directed setup hint for installing uv, but it still executes a remote shell script and should be treated as a sensitive installation step.
Fix: `curl -LsSf https://astral.sh/uv/install.sh | sh`
Prefer the official installer documentation, verify the source, and avoid piping remote scripts directly into a shell when possible.
