Universal Company Operator System
AdvisoryAudited by Static analysis on May 11, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may produce action plans and command-style workflows, but the reviewed instructions do not authorize it to change your system or accounts on its own.
The command layer is framed as an execution console, but it explicitly limits tool/environment changes and requires asking before broader actions.
It does not install packages, modify the host environment, add plugins, change secrets, or assume unavailable tools. Ask before any broader environment change.
Treat generated plans as advisory unless you explicitly approve any real-world, account, payment, deployment, or environment-changing action.
The skill can batch and structure work while you are away, but according to the artifacts it should only create drafts, plans, analyses, and approval lists.
Night Shift Mode uses autonomous-style task decomposition, but it is scoped to safe deliverables and defers irreversible work to the user.
Take a single user objective... split it into discrete work packets... This operator executes only safe, reversible, asynchronous work and explicitly defers anything irreversible to the human.
Review the Morning Brief before taking action, especially for spending, publishing, sending messages, contracts, or business commitments.
There is no artifact-backed credential use, but users may be confused by capability signals that sound more privileged than the documented behavior.
The capability signals mention high-impact wallet, purchase, and credential domains, while the provided skill text is instruction-only and does not actually request those permissions.
Capability signals: crypto; requires-wallet; can-make-purchases; requires-sensitive-credentials
Do not provide wallet access, payment authority, API keys, or sensitive credentials unless a specific, reviewed, user-approved workflow clearly requires them.
The mismatch does not show malicious behavior, but it makes the exact packaged version less clear.
The supplied registry metadata lists version 1.1.2, while the embedded _meta.json lists 1.1.1, creating a small version/provenance mismatch. No code or install step is present.
"version": "1.1.1"
Verify the publisher and version before installing, especially if a later package adds code, credentials, external tools, or install steps.