Vibe Coding
PassAudited by ClawScan on May 1, 2026.
Overview
This is an instruction-only guide for using AI coding tools, with reasonable safety reminders and no code, install steps, credentials, or hidden capabilities.
This skill appears safe to install as an educational, instruction-only guide. When applying it, supervise autonomous coding tools, review security-sensitive code yourself, test after changes, and keep persistent rules files clean of secrets or unsafe instructions.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An autonomous coding assistant may make broader code changes than expected if the user does not review its plan and output.
The guide recommends use of an autonomous coding tool that can perform multi-step work. This is directly related to the skill's purpose, but users should supervise plans, diffs, and tests.
Claude Code ... Key feature: Agentic multi-step execution ... Let it run — it's designed for autonomy
Use the guide's own Research-Plan-Implement workflow: approve plans before implementation, review diffs, and test after each change.
Bad or overly broad rules could cause repeated poor coding decisions, and secrets placed in rules files could be exposed to AI coding tools.
Persistent rules files are intended to shape future AI behavior. This is useful and purpose-aligned, but inaccurate, unsafe, or sensitive content in those files could be reused across future coding sessions.
Rules files teach AI your project conventions. Put it once, applies to every interaction.
Keep rules files scoped to project conventions, review them like code, and never include secrets, tokens, or private credentials.