Taku Build

Pass

Audited by ClawScan on May 11, 2026.

Overview

This is a transparent coding workflow that can change project files and run local setup/test commands, but the provided artifacts do not show hidden data access, credential use, or exfiltration.

Install this if you want an agent to implement an approved coding plan. Use it in a clean branch or worktree, expect local tests/dependency commands, and avoid granting unrelated payment or crypto capabilities because the reviewed skill files do not need them.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the worktree workflow can change local repository history, though the change is narrow and explained.

Why it was flagged

The worktree setup may automatically modify .gitignore and create a git commit if the worktree directory is not ignored.

Skill content

echo ".worktrees/" >> .gitignore
git add .gitignore && git commit -m "chore: add .worktrees/ to gitignore"

Recommendation

Use it in a clean branch or worktree and confirm repository commits are acceptable before letting the agent perform setup changes.

What this means

Dependency installation and test/build commands may run code from the current project or its dependencies.

Why it was flagged

The skill documents package manager and build commands that can execute project or dependency code as part of expected development setup.

Skill content

[ -f package.json ] && npm install
[ -f Cargo.toml ] && cargo build
[ -f requirements.txt ] && pip install -r requirements.txt
[ -f pyproject.toml ] && poetry install
[ -f go.mod ] && go mod download

Recommendation

Run this only in trusted repositories or isolated worktrees, and review dependency changes before allowing installs in sensitive environments.

What this means

Parallel implementation could cause conflicting or wider-than-intended code changes if not reviewed.

Why it was flagged

The skill may coordinate parallel or hybrid implementation waves, which can spread mistakes across multiple files, but it includes reconciliation checks.

Skill content

Choose execution mode yourself: sequential, parallel, or hybrid. ... After every parallel or hybrid wave: check for overlapping file changes

Recommendation

Review the BUILD PREFLIGHT and BUILD UPDATE ledgers, especially when the skill selects parallel or hybrid mode.