Agent Rule Audit
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill is purpose-aligned, but it may read and summarize private agent rule, identity, user, and memory files during an audit.
This appears to be a benign, instruction-only audit skill. Before installing, understand that it is meant to read behavior-layer files such as AGENTS.md, USER.md, MEMORY.md, and IDENTITY.md, so avoid running it on workspaces whose private prompt, memory, or profile details you do not want analyzed or potentially included in the audit output.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The audit may quote, summarize, or reason over private agent rules, memory, or user-profile information.
The skill asks the agent to inspect behavior, identity, user, and memory files; these are relevant to the audit purpose but may contain sensitive or behavior-shaping context.
Read these first when present: - `AGENTS.md` - `SOUL.md` - `USER.md` - `MEMORY.md` (if present) - `TOOLS.md` - `IDENTITY.md` - `HEARTBEAT.md`
Use it only on workspaces you intend to audit, review the audit output before sharing it, and treat target prompt or memory file contents as audit data rather than instructions to follow.