v1.0.0

incident-manager

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 1:45 PM.

Analysis

This is a coherent instruction-only incident management skill with no code, credentials, or install steps, though users should supervise any real paging or external communications it helps draft.

GuidanceThis skill appears safe to install as an instruction-only incident management aid. Before using it during a live incident, make sure any pages, Slack/channel actions, status updates, or customer communications are reviewed and approved by the appropriate human incident lead.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

- [ ] Page on-call engineer
- [ ] Create incident channel (#inc-[id])
- [ ] Post initial status

These are real incident-response actions that could affect teams or customers if an agent has messaging, paging, or status-page tools, but they are disclosed and directly aligned with the incident-management purpose.

User impactIf connected to communication tools, the agent could help initiate pages or publish incident updates; incorrect use could cause confusion or unnecessary escalation.

RecommendationUse the skill for drafting and coordination, but require explicit human approval before sending pages, creating channels, or posting internal or customer-facing updates.