v1.0.0

AANA Research Grounding Skill

BenignClawScan verdict for this skill. Analyzed May 2, 2026, 8:44 PM.

Analysis

This instruction-only skill coherently helps agents keep research claims tied to allowed sources and shows no suspicious code, installation, persistence, or credential behavior.

GuidanceThis appears safe to install as an instruction-only research-grounding aid. If you configure an external or host-provided checker, make sure it is trusted and only send the redacted summaries described by the skill.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityInfoConfidenceHighStatusNote

SKILL.md

When using a configured AANA checker, send only a minimal redacted review payload... Do not include private records, secrets, paywalled full text, API keys, unrelated user messages, or raw source material when a summary is enough.

This establishes an optional data flow to a configured checker. The artifact also limits the payload to redacted summaries and forbids sensitive content, so this is a user-notice item rather than a concern.

User impactIf a separate checker is configured, summaries of the research task and claims may be sent to it.

RecommendationUse only a trusted, user- or administrator-approved checker and review payloads to ensure they contain summaries rather than secrets, private records, or full source text.