ClawHub
Back to skill
v1.0.1

Rcm Pulse

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:19 AM.

Analysis

The RCM news purpose is coherent, but the skill directs recurring autonomous posts and messages through Moltbook, Telegram, and Discord without clear credential scope or approval boundaries.

GuidanceBefore installing, confirm that you want this skill to run recurring RCM scans and send or publish results through the named channels. Use limited dedicated credentials, require review before public Moltbook posts, verify the Discord and Telegram destinations, and periodically review the local learning logs and archive for sensitive information.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityMediumConfidenceHighStatusConcern
SKILL.md
"Post insights to Moltbook. Send morning brief to JB via Telegram. Log to pulse archive."

This instructs the agent to take external communication and publishing actions as part of an autonomous daily run, without requiring a preview or explicit approval before posting.

User impactThe agent could publish or send inaccurate, unwanted, or reputationally sensitive content through the user's connected accounts.
RecommendationRequire manual approval before Moltbook posts, clearly separate draft versus publish behavior, and restrict messaging to explicitly configured channels.
Rogue Agents
SeverityLowConfidenceHighStatusNote
SKILL.md
"schedule": { "kind": "cron", "expr": "0 8 * * 1-5", "tz": "America/Chicago" } ... "Ping JB immediately via Discord #rcm-pulse (don't wait for morning)"

The recurring schedule is aligned with the daily pulse purpose, but it is persistent autonomous behavior and includes out-of-schedule escalation messages.

User impactThe skill may continue producing daily outputs and urgent notifications unless the schedule is disabled or constrained.
RecommendationConfirm the schedule, escalation criteria, destination channels, and a clear way to pause or disable recurring runs.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityMediumConfidenceHighStatusConcern
SKILL.md
"Telegram message (JB's morning pulse)" ... "Moltbook post (authority building)" ... "Ping JB immediately via Discord #rcm-pulse"

These actions require account or channel authority, but the registry declares no primary credential, required environment variables, or credential scope for those integrations.

User impactA user cannot tell which accounts, sessions, or tokens the skill expects to use, making it harder to limit where it can post or message.
RecommendationDeclare required credentials and scopes for Moltbook, Telegram, and Discord, preferably using dedicated limited-purpose tokens or bot accounts.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
"Answers go into LEARNING_LOG.md" and "Save to `/workspace/skills/rcm-pulse/pulse_archive/YYYY-MM-DD.md`"

The skill intentionally keeps persistent learning answers and pulse archives for future use, which is purpose-aligned but should be visible to the user.

User impactPersonal learning notes and generated summaries may be retained and reused in future runs, including any mistakes or sensitive business context entered into the log.
RecommendationReview the archive and learning-log retention expectations, and avoid storing sensitive client or patient information in these files.