v1.0.0

Data Breach Response

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:39 AM.

Analysis

The skill appears purpose-aligned for generating breach response plans, but users should be aware it sends organization and security posture details to an API from an unknown-provenance source.

GuidanceThis skill is instruction-only and appears coherent for breach-response planning. Before installing or using it, confirm who operates the API and how submitted company, compliance, security-tool, and session information is stored or shared.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none

The registry metadata does not provide a source repository or homepage, limiting the user’s ability to verify the provider or service provenance.

User impactUsers have less context for deciding whether to trust the API that receives organization profile information.

RecommendationVerify the publisher and service endpoint through trusted channels before sharing sensitive organizational details.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceHighStatusNote

openapi.json

"companyName", "industry", "companySize", "dataTypes", "existingTools", "compliance", "sessionId"

The plan-generation request schema includes organization identity, handled data types, deployed security tools, compliance obligations, and session identifiers, which would be sent to the API to generate the playbook.

User impactSubmitting detailed organization and security posture information could expose sensitive business context if the API provider or its retention practices are not trusted.

RecommendationSubmit only the minimum necessary details, avoid including live incident secrets or regulated personal data, and verify the provider’s privacy, retention, and access controls before use.