skill-enhance

AdvisoryAudited by Static analysis on May 12, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence

ASI02: Tool Misuse and Exploitation

What this means

If used for local modification, the agent may change files in a skill package, potentially affecting how that skill behaves later.

Why it was flagged

The skill can guide an agent to modify local skill files, which is a real local mutation capability, but the workflow explicitly requires confirmation and reporting.

Skill content

- ask for edit confirmation
- modify only after confirmation
- report the exact local changes

Recommendation

Confirm the exact target path and requested edits, and review the reported changes before relying on the modified skill.