Write Coding Standards from File

Advisory: audited by static analysis on May 12, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill may add or modify project documentation, and source edits are intended to happen only after explicit confirmation.

Why it was flagged

The skill may create a new standards file and can optionally edit README/source files, but the defaults avoid source rewrites and require explicit approval for source edits.

Skill content

* createNewFile = true;
* addToREADME = false;
* fixInconsistencies = false;
* requireEditConfirmation = true;

Recommendation

Review the target file path and any proposed diff before accepting changes, especially when using addToREADME or fixInconsistencies.

What this means

Project code style and structure may be processed in the agent context during analysis.

Why it was flagged

The skill processes local source content, which may be private, while also instructing the agent to scope analysis narrowly, exclude sensitive paths, and avoid persistent storage.

Skill content

analyze only the explicitly provided file paths or a narrowly scoped folder. Exclude secrets, private data, environment files, generated output, dependency folders, and unrelated directories by default. Aggregate style observations in temporary working memory instead of copying full source into persistent storage

Recommendation

Pass only the specific files or narrow folders needed, and do not include secrets, environment files, dependency folders, or unrelated private directories.

Note: Medium Confidence

ASI01: Agent Goal Hijack

What this means

If a remote style URL is used, its contents could influence the generated standards.

Why it was flagged

A visible configuration option suggests the skill may retrieve external style-guide content; remote content can be untrusted, though the provided artifact does not show it being treated as authoritative or used unsafely.

Skill content

* fetchStyleURL = true;

Recommendation

Use only trusted style-guide URLs and treat fetched content as reference material, not as instructions that override the user's request.