Projects
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may make local file-system changes in the project workspace, including creating, moving, or deleting project materials if the user directs that workflow.
The skill asks the agent to create and manage local project folders and files, including possible archiving or deletion during reviews.
Create `~/projects/` as workspace ... Create folder with README containing answers ... Review someday quarterly — activate, archive, or delete
Keep the workspace scoped to `~/projects/` and confirm before archiving or deleting project folders or files.
Project folders could contain sensitive contact, billing, decision, or work information that may be exposed if the folder is shared, synced, or backed up insecurely.
The skill may store persistent project and client/business information in local files.
Client/Work Projects - Add: deadline, contact info, rate if applicable - Track time if billing: simple log in project folder
Avoid storing secrets in these files, and use appropriate local permissions or encrypted storage if project/client details are sensitive.