Prompt Library Gardener
AdvisoryAudited by Static analysis on May 12, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Prompts pasted into the chat may be summarized and reused in the generated index, so private instructions, secrets, or unsafe prompt variants could be exposed within the conversation output if the user includes them.
The skill intentionally processes and summarizes user-provided prompt text in the conversation. This is purpose-aligned and bounded, but prompt libraries can contain sensitive or instruction-like content.
Keep sensitive prompt content private within the current conversation. ... Keep a running index only from batches already provided.
Paste only prompt content you are comfortable sharing in the chat, redact secrets, and treat saved prompt text as data to organize rather than instructions for the agent to follow.