Find Agent-Native Service

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A recommended service page could redirect the agent into actions beyond the user's original request.

Why it was flagged

This instructs the agent to treat third-party URL content as executable guidance, rather than only summarizing it for the user.

Skill content

Read <url> and follow the instructions. ... the service hosts a machine-readable skill/protocol file that an agent reads and follows to self-register.

Recommendation

Use these URLs for review and summarization only unless the user explicitly approves following the remote instructions.

What this means

An agent could create or join an external service unexpectedly if it follows the onboarding step automatically.

Why it was flagged

The skill points to a mutating registration API action but does not define approval, parameters, side effects, or rollback.

Skill content

Read https://ensue.dev/docs and call POST /auth/agent-register

Recommendation

Require explicit user confirmation before registration or API POST actions, and disclose what data will be sent.

What this means

The user may not realize the agent has enrolled in an outside ecosystem or gained a persistent service identity.

Why it was flagged

Autonomous service membership can establish an external identity or privilege boundary without explaining scopes, ownership, or revocation.

Skill content

The agent becomes part of the service's ecosystem autonomously.

Recommendation

Make onboarding user-directed, document created identities and permissions, and provide clear removal or revocation steps.

What this means

If the user onboards to such a service, information may be shared with other agents or service operators.

Why it was flagged

The catalog includes services involving shared memory or agent ecosystems, which may expose agent state or content outside the local session if used.

Skill content

Agent needs shared memory with OTHER agents | Memory & State | Ensue | URL Onboarding

Recommendation

Review each service's privacy and sharing model before onboarding, and avoid sending secrets or sensitive tasks unless explicitly intended.