Cybersecurity
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Details about systems, incidents, and security boundaries may remain on disk and be reused in later conversations.
The skill intentionally persists security environment details, authorization boundaries, and incident context for reuse. That is coherent with the skill's purpose, but this kind of information can be sensitive and may affect future agent behavior if stale or incorrect.
- activation preferences and environments where the skill should or should not auto-activate - authorized scope, boundaries, and red lines for offensive or disruptive work - important assets, trust boundaries, and recurring threat themes - active incident or finding context worth reloading later
Use the local memory only for non-secret security context, keep the ~/cybersecurity/ files protected, and periodically review or delete stale incident and scope information.