founder-coach

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private journal entries and personal growth notes could be pulled into coaching context even if the user did not explicitly select those files for this session.

Why it was flagged

The skill can use the mere presence of a PhoenixClaw config file to access private journal and memory data, without a clearly stated per-use approval step.

Skill content

Check for `~/.phoenixclaw/config.yaml` ... If exists: Read journal_path, access daily journals and memory

Recommendation

Make PhoenixClaw integration default-off or require explicit consent before reading it; document exact files, date ranges, exclusions, and retention behavior.

Concern

Medium Confidence

ASI10: Rogue Agents

What this means

A scheduled report could repeatedly read journals/session context and write reports without the user actively invoking the coach each time.

Why it was flagged

This describes scheduled background activity, but the skill is otherwise presented as instruction-only and does not document user approval, installation, disabling, or containment for the cron behavior.

Skill content

Timing & Triggers
- **Automatic:** Every Sunday at 10 PM (via cron).

Recommendation

Remove automatic cron behavior or make it an explicit, user-installed opt-in feature with clear disable/uninstall instructions and scoped file access.

What this means

Sensitive business and mindset observations may remain in local profile files over time.

Why it was flagged

The skill intentionally keeps persistent coaching observations about the founder’s thinking patterns and business progress.

Skill content

Location: `~/PhoenixClaw/Startup/founder-profile.md` ... Anti-Patterns Observed (with timestamps) ... **Update Rule**: Append-only.

Recommendation

Review the generated profile periodically and ensure the user can edit, archive, or delete stored observations.

What this means

A user may believe PhoenixClaw data is only read, while some configurations may write AI-generated coaching insights into journals.

Why it was flagged

The artifact presents the integration as read-only but also describes a possible journal-write configuration, which could confuse user expectations.

Skill content

**Data Flow**: One-way (Founder Coach reads PhoenixClaw, does not write to it) ... **Journal Output**: Weekly reports can be configured to add a "Coaching Insights" section to PhoenixClaw daily journals.

Recommendation

Clarify whether PhoenixClaw writes are ever performed, and require explicit confirmation before modifying any journal files.