Cybersecurity

PassAudited by ClawScan on May 1, 2026.

Overview

This is a coherent instruction-only cybersecurity helper with no code or credentials, but it does keep local notes about your security environment and incidents.

This skill appears safe to install if you are comfortable with it using ~/cybersecurity/ as local memory. Do not store passwords, tokens, customer secrets, or sensitive evidence in those files, and review the saved scope and incident notes when your environment or authorization changes.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence

ASI06: Memory and Context Poisoning

What this means

Details about systems, incidents, and security boundaries may remain on disk and be reused in later conversations.

Why it was flagged

The skill intentionally persists security environment details, authorization boundaries, and incident context for reuse. That is coherent with the skill's purpose, but this kind of information can be sensitive and may affect future agent behavior if stale or incorrect.

Skill content

- activation preferences and environments where the skill should or should not auto-activate
- authorized scope, boundaries, and red lines for offensive or disruptive work
- important assets, trust boundaries, and recurring threat themes
- active incident or finding context worth reloading later

Recommendation

Use the local memory only for non-secret security context, keep the ~/cybersecurity/ files protected, and periodically review or delete stale incident and scope information.