v1.0.0

Workspace Indexer

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 6:09 AM.

Analysis

This skill is not malicious, but it would create a recurring, persistent index of workspace directories and memory references, so users should review its scope before enabling it.

Guidance: Review and customize the allowed workspace paths, memory sources, and output contents before installing. Avoid enabling daily HEARTBEAT automation until you have exclusions for secrets, private logs, client data, and any projects you do not want indexed.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
skill.json
"requiredTools": ["exec", "memory_search", "read", "write"]

The skill discloses broad tools, including exec plus file read/write. These are expected for indexing but should be kept read-only except for the intended index output.

User impact: If the agent uses overly broad shell commands, it could inspect more local state than intended while building the index.
Recommendation: Use read-only, scoped commands for directory and service checks, and require confirmation before any command that changes files other than WORKSPACE_INDEX.md.

Rogue Agents
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Regular maintenance (recommended: configure a once-daily check in HEARTBEAT.md)

The skill recommends configuring a recurring daily check, which can keep scanning and updating the index after the initial user request.

User impact: The workspace and memory index may be updated repeatedly in the background, including new directories or memory references that appear later.
Recommendation: Only enable HEARTBEAT.md automation if you want recurring indexing, and add clear limits, exclusions, and a way to disable or review updates.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
First, use `memory_search` to search for the memories related to each directory... write to `WORKSPACE_INDEX.md` ... related memories

The skill searches memory for each directory and persists memory references in a workspace index, which can expose or over-preserve private context if not bounded or redacted.

User impact: Private workspace context or conversation-memory references could be summarized into a reusable index that future agents or users may rely on.
Recommendation: Before use, define which memory files and workspace paths may be indexed, exclude sensitive directories, and avoid copying sensitive details into WORKSPACE_INDEX.md.