Clawbridge Skill
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled, the agent may perform repeated nightly web research until the user changes or stops that workflow.
The skill is designed for recurring autonomous scouting, which is sensitive operational behavior even though it is disclosed and central to the stated purpose.
persistent, nightly scouting operation ... Every night, the agent scours Moltbook, professional communities, and the open web.
Use explicit schedules, run budgets, and stop conditions, and review each daily brief before taking action.
The agent may browse and summarize public or community pages to identify people and draft messages.
The skill asks for external web and browser tooling. This is appropriate for scouting, but those tools should remain scoped to the user’s search goals and run budget.
`web_search` | Discover candidate pages ... `web_fetch` | Extract page content ... `browser` | JS-heavy sites
Keep tool allowlists narrow, set max_searches/max_fetches/max_minutes, and do not allow automatic outreach.
Users have less publisher/source context to verify before trusting the skill’s instructions.
The supplied package has limited provenance information. There is no code or install script in the artifacts, so this is a notice rather than evidence of unsafe behavior.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Install only from a trusted registry entry or verified repository, and avoid substituting untrusted GitHub or CLI sources.
Generated briefs may store sensitive business intent, avoid lists, and candidate information that should not be broadly shared.
The skill produces persistent reports containing candidate evidence and outreach drafts. This is expected, but such reports can contain business goals and personal/professional contact context.
delivers a daily "Connection Brief" with evidence-backed matches and personalized outreach drafts ... Structured JSON (`run.json`) ... Human-Readable Markdown (`run.md`)
Store briefs in an appropriate location, delete stale reports, and verify evidence manually before using any draft outreach.