AFOL

Advisory

Audited by static analysis on May 10, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If a downstream provider skill is used incorrectly, it could change marketplace or account records such as listings, orders, feedback, coupons, or notes.

Why it was flagged

This shows the router anticipates provider workflows that can mutate marketplace or account data. The same instruction requires explicit approval, making it a purpose-aligned note rather than a concern.

Skill content

Do not create listings, orders, feedback, member notes, or coupons unless the user explicitly asks and approves the exact write.

Recommendation

Keep the workflow read-only unless you explicitly ask for a change, and require a dry run or exact confirmation before any provider write.

What this means

Configured provider tokens may allow access to private collection, portfolio, or marketplace account data, and in some provider skills may enable writes.

Why it was flagged

The skill supports optional provider credentials and OAuth tokens that can unlock private collection or marketplace account access. The artifacts disclose this and say not to print secrets, but these credentials are sensitive.

Skill content

export REBRICKABLE_USER_TOKEN=...       # optional private Rebrickable collection reads/writes ... export BRICKLINK_API_CONSUMER_SECRET=... ... export BRICKLINK_API_TOKEN_SECRET=...

Recommendation

Configure only the provider credentials you actually need, prefer scoped or revocable tokens, and avoid enabling write-capable credentials unless required.

What this means

The documented command may fail or require manual adjustment, such as running the Python file directly.

Why it was flagged

The supplied manifest lists `scripts/afol_cli.py` but not a `scripts/afol` wrapper, so the documented executable appears to be missing. This is a packaging/coherence issue, not evidence of malicious behavior.

Skill content

Primary interface: `scripts/afol`.

Recommendation

Verify the installed files before use; the maintainer should either include the `scripts/afol` wrapper or update the documentation to the actual script path.

What this means

Collection valuations, store data, or sales-ledger details could reveal private financial or account information in the chat context.

Why it was flagged

The skill may cause private provider data to be retrieved into the agent context. The instruction includes a useful minimization guardrail, but users should understand the sensitivity of that data.

Skill content

Treat collection and sales-ledger payloads as private financial/account data; summarize, do not dump raw rows.

Recommendation

Ask for aggregate summaries where possible, avoid raw exports unless necessary, and do not share sensitive account or ledger details beyond the intended task.