fullstack-engineer
PassAudited by ClawScan on May 5, 2026.
Overview
This is an instruction-only full-stack engineering skill with broad but expected guidance around building web apps, including auth, payments, and deployment.
This skill appears safe to install as an instruction-only full-stack coding assistant. Use care when asking it to work with authentication, payment processors, API keys, databases, or deployment settings, and review any generated code or commands before applying them to real accounts or production systems.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the skill is used for real integrations, secrets or account permissions could be involved.
These are expected full-stack engineering topics, but they can involve real account credentials, payment-provider access, OAuth tokens, and API keys if used in a live project.
- Authentication: OAuth, JWT, session management - Payment integration (Stripe, PayPal) - Third-party API integrations
Use scoped test credentials where possible, avoid pasting production secrets into prompts, and require explicit user approval before using real payment, OAuth, or third-party account access.
Generated migrations, infrastructure, or deployment files could change a project or environment if applied without review.
The requested outputs can affect application data models and deployment behavior if the generated work is applied, although the artifact does not instruct automatic execution.
Provide complete implementation across stack - Include database migrations/schemas - Provide deployment configurations
Review generated migrations and deployment configurations before running them, and use staging environments before applying changes to production.