test
Pass
Audited by ClawScan on May 1, 2026.
Overview
The skill matches its advertised red-team analysis purpose, with noteworthy but disclosed local customization, notification, subagent, and optional sharing behaviors.
This skill appears reasonable for adversarial critique. Before installing, make sure you are comfortable with the localhost notification command, keep the customization directory trusted, avoid including secrets in prompts that will be sent to 32 subagents, and approve any sharing or posting step explicitly.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A local customization file could alter how the skill behaves or what instructions it follows.
The skill intentionally treats persistent local customization files as behavior-overriding context, so stale or untrusted files in that path could change future runs.
If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior.
Keep the RedTeam customization directory under user control and review any files placed there before relying on the skill.
Running the skill may trigger a local notification request on your machine, though the message shown is limited and non-sensitive.
The skill instructs the agent to run a shell command that sends a fixed notification to a localhost service when workflows execute.
curl -s -X POST http://localhost:8888/notify ... -d '{"message": "Running the WORKFLOWNAME workflow from the RedTeam skill"}' ... &
Install only if you are comfortable with the localhost notification behavior, or remove/ignore that step if you do not use the notifier.
Any sensitive material included in the argument may be distributed across multiple internal analysis tasks.
The core workflow deliberately copies the user's full argument into many subagent prompts for parallel analysis.
Deploy 32 agents in a SINGLE message with multiple Task tool calls. Each agent receives: 1. The full original argument 2. The 24-claim decomposition
Avoid submitting secrets or private material unless you are comfortable having it used throughout the multi-agent analysis workflow.
Analysis results could be shared outside the immediate conversation if a sharing workflow is used afterward.
The integration guide mentions a follow-on sharing step, which could disclose red-team outputs if invoked without review.
Use AFTER RedTeam: ... `xpost` - Share findings
Require explicit user approval and review/redact the output before using any sharing or posting integration.
