MEV Engine
Advisory
Audited by static analysis on May 13, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Risk: The agent may follow this framework, run extra steps, or resist simpler user-directed workflows even when the user did not want it applied.
Evidence: The skill frames its own workflow as exclusive and highest-priority, which can redirect task execution and conflict with user intent or the agent's normal priority handling.
Excerpt: **No exceptions — all tasks must go through MEV.** ... **Prime Directives (Safety Baseline, Highest Priority)**
Recommendation: Make MEV explicitly opt-in for each task, honor user skip requests, and remove or soften 'highest priority', 'no exceptions', and 'unskippable' wording in persistent agent instructions.
Risk: The skill may fail at runtime, or cause users and agents to obtain and run unreviewed helper code from elsewhere.
Evidence: The skill requires or advertises these runtime helpers, but the supplied package only includes log-experiment.mjs, log-learning.mjs, and promote-learning.mjs; the mandatory preflight and upload code is therefore not reviewable here, and Node is not declared in metadata.
Excerpt: `node scripts/mev-prefight.cjs` ... `scripts/framework-check.cjs` ... `scripts/tavily-probe.cjs` ... `scripts/ima-upload.cjs`
Recommendation: Include all referenced scripts in the reviewed package, declare Node as a required binary, and remove mandatory execution steps for helpers that are not shipped.
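The packaging gap above can be checked mechanically before a skill is installed. The following is an added example, not ClawScan's scanner or any part of the MEV Engine skill: it extracts every `node scripts/...` invocation from SKILL.md text, compares it with the files actually shipped, and checks whether Node is declared. The SKILL.md excerpt, the shipped-file list, and the `requires.binaries` metadata shape are constructed here for illustration; the functions are pure so the check runs offline, and an fs-backed caller would pass the real file contents and directory listing.

```javascript
// Added example (not the skill's or ClawScan's own code). Sample SKILL.md text
// assembled from the invocations quoted in this report.
const SAMPLE_SKILL_MD = [
  '## Mandatory preflight',
  'Run `node scripts/mev-prefight.cjs` before any task.',
  'Then `node scripts/framework-check.cjs` and `node scripts/tavily-probe.cjs`.',
  'Upload to IMA via `node scripts/ima-upload.cjs`',
].join('\n');

// Files present in the reviewed package (constructed from the finding above).
const SAMPLE_SHIPPED = [
  'scripts/log-experiment.mjs',
  'scripts/log-learning.mjs',
  'scripts/promote-learning.mjs',
  'SKILL.md',
];

// Every `node scripts/<name>.{js,cjs,mjs}` invocation the instructions ask the
// agent to run, de-duplicated and sorted for stable reporting.
function referencedHelpers(skillMd) {
  const re = /\bnode\s+((?:\.\/)?scripts\/[\w.\-]+\.(?:c?m?js))\b/g;
  const found = new Set();
  let m;
  while ((m = re.exec(skillMd)) !== null) found.add(m[1].replace(/^\.\//, ''));
  return [...found].sort();
}

// Helpers the instructions invoke but the package does not ship: these are
// the steps that cannot be reviewed from the artifact alone.
function missingHelpers(skillMd, shippedFiles) {
  const shipped = new Set(shippedFiles);
  return referencedHelpers(skillMd).filter((p) => !shipped.has(p));
}

// Assumed metadata shape: { requires: { binaries: ['node', ...] } }.
function nodeDeclared(metadata) {
  const bins =
    metadata && metadata.requires && Array.isArray(metadata.requires.binaries)
      ? metadata.requires.binaries
      : [];
  return bins.includes('node');
}

// The verdict a reviewer wants: which mandatory invocations are unreviewable,
// and whether the Node runtime dependency is declared at all.
function reviewPackaging(skillMd, shippedFiles, metadata) {
  const referenced = referencedHelpers(skillMd);
  const missing = missingHelpers(skillMd, shippedFiles);
  const issues = missing.map((p) => `referenced but not shipped: ${p}`);
  if (referenced.length > 0 && !nodeDeclared(metadata)) {
    issues.push('node is required by helper scripts but not declared in metadata');
  }
  return { referenced, missing, issues };
}

// Run against the constructed sample: all four helpers are missing and Node
// is undeclared, so five issues are reported.
const sampleVerdict = reviewPackaging(SAMPLE_SKILL_MD, SAMPLE_SHIPPED, { requires: { binaries: [] } });
console.log(sampleVerdict.issues.join('\n'));
```

A non-empty `missing` list is a blocking result for a skill whose instructions mark those steps as mandatory: the agent will either fail at the step or be pushed to fetch the helper from outside the reviewed package.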
Risk: Task outputs or knowledge artifacts could be uploaded to an unclear destination if the agent follows the default delivery flow.
Evidence: The delivery layer directs an upload to an undefined IMA knowledge base, but the artifacts do not define the destination, data scope, approval flow, credentials, or the upload implementation itself.
Excerpt: ✅ Upload to IMA via `node scripts/ima-upload.cjs`
Recommendation: Treat IMA upload as off by default, require explicit user approval with the exact content and destination shown, and document or include the upload implementation before enabling it.
Risk: A bad or maliciously influenced 'learning' could persist across sessions and change how the agent behaves later.
Evidence: The promotion script can append arbitrary promoted learning text directly into persistent agent instruction files. Combined with the skill's mandatory memory/learning loop, mistaken or untrusted content can become future agent guidance.
Excerpt:
workflow: path.join(workspace, 'AGENTS.md'),
tools: path.join(workspace, 'TOOLS.md'),
behavior: path.join(workspace, 'SOUL.md') ... fs.appendFileSync(file, `\n- ${text}\n`);
Recommendation: Keep promotion manual, require a visible diff and explicit approval before modifying AGENTS.md, TOOLS.md, or SOUL.md, sanitize untrusted text, and provide rollback instructions.
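The excerpt above appends whatever text it is given straight into AGENTS.md, TOOLS.md, or SOUL.md. The block below is an added example of the gated form the recommendation asks for; it is not the skill's promote-learning.mjs, and the function names, the sanitizer rules, the approval object, and the sample inputs are assumptions made for illustration. It is written without filesystem calls so it runs offline: the caller writes `updated` only after the user has seen `preview` and approved the exact entry, and keeps `rollback` (the prior file body) for undo. The same approve-exactly-what-you-saw gate is what the IMA upload finding calls for, with the upload payload and destination in place of the file entry.

```javascript
// Added example (not the skill's own promote-learning.mjs).
// Same category-to-file map as the excerpt quoted in this finding.
const TARGETS = {
  workflow: 'AGENTS.md',
  tools: 'TOOLS.md',
  behavior: 'SOUL.md',
};

const MAX_LEN = 300; // assumed cap on a single promoted entry

// Reduce untrusted text to one plain list entry. Newlines are collapsed so a
// single "learning" cannot smuggle in extra bullets, headings or directive
// blocks; control characters are dropped; entries that open with markdown
// emphasis or carry "no exceptions"-style wording (the pattern the first
// finding warns about) are refused. Returns null when nothing safe remains.
function sanitizeLearning(text) {
  if (typeof text !== 'string') return null;
  const flat = text
    .replace(/[\u0000-\u0008\u000B-\u001F\u007F]/g, '')
    .replace(/\s+/g, ' ')
    .trim();
  if (flat.length === 0 || flat.length > MAX_LEN) return null;
  if (/^[#*_>]/.test(flat)) return null;
  if (/\b(no exceptions|highest priority|unskippable)\b/i.test(flat)) return null;
  return flat;
}

// Build the exact change without applying it. `existing` is the current file
// body; `preview` is the diff-style view the approver is shown.
function buildPromotion(category, existing, rawText) {
  const file = TARGETS[category];
  if (!file) return { ok: false, reason: `unknown category: ${category}` };
  const clean = sanitizeLearning(rawText);
  if (clean === null) return { ok: false, reason: 'rejected by sanitizer' };
  const entry = `- ${clean}`;
  const sep = existing === '' || existing.endsWith('\n') ? '' : '\n';
  const updated = `${existing}${sep}${entry}\n`;
  const preview = [`--- ${file}`, `+++ ${file}`, `+${entry}`].join('\n');
  return { ok: true, file, entry, preview, updated };
}

// Gate: nothing changes unless the approval names the exact entry that was
// previewed, so a stale or blanket approval cannot apply a different learning
// than the one the user saw. On success the caller gets the new body and the
// old one for rollback.
function applyPromotion(category, existing, rawText, approval) {
  const plan = buildPromotion(category, existing, rawText);
  if (!plan.ok) return { applied: false, reason: plan.reason };
  if (!approval || approval.approvedEntry !== plan.entry) {
    return { applied: false, reason: 'awaiting explicit approval', preview: plan.preview, entry: plan.entry };
  }
  return { applied: true, file: plan.file, updated: plan.updated, rollback: existing };
}

// Constructed walkthrough: first call shows the preview, second call applies it.
const CURRENT_AGENTS_MD = '# AGENTS\n- keep tests green\n';
const pending = applyPromotion('workflow', CURRENT_AGENTS_MD, 'prefer small PRs', null);
const done = applyPromotion('workflow', CURRENT_AGENTS_MD, 'prefer small PRs', { approvedEntry: pending.entry });
console.log(pending.preview);
console.log(done.applied ? done.updated : done.reason);
```

Because the approval must carry the previewed entry verbatim, the agent cannot approve on the user's behalf with a generic flag, and because the rejected cases return a reason instead of throwing, the mandatory loop in the skill can record the refusal without the file ever being touched.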
