Bolt Sprint
Review
Audited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (base64-block); human review is required before treating this skill as clean.
Install only if you trust the configured Bolt server and are comfortable letting the agent manage sprint data there. Before allowing write, delete, batch, file-upload, or activity-log actions, confirm the project/story IDs and avoid including secrets in uploaded files or log messages. ClawScan detected prompt-injection indicators (base64-block), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with the wrong project, sprint, or story IDs, the agent could change or remove task-tracking data.
The skill intentionally gives the agent API workflows that can mutate or delete Bolt project-management records. This matches the sprint-management purpose, but users should be aware of the write authority it grants.
- **Create, update, and delete** stories ... Run **batch operations** — move or patch many stories in one request
Review and explicitly approve destructive or broad write actions, especially deletes, batch updates, and sprint closure.
A powerful Bolt token could let the agent read or modify more project data than intended.
The skill uses a configured Bolt endpoint and optional API token for authenticated requests. This is expected for the integration, but it grants the agent whatever access that token has.
export BOLT_BASE_URL="http://localhost:4000" ... export BOLT_API_TOKEN="your-token-here"
Use a trusted Bolt server, keep the token out of shared logs, and prefer least-privilege or project-scoped credentials if Bolt supports them.
Sensitive code details, internal notes, or uploaded files could become visible in Bolt if the agent logs or uploads them.
The skill can send activity messages and selected files to the configured Bolt server, where they may be stored or visible to collaborators. This is disclosed and purpose-aligned.
- Log **AI activity** as agent session events (visible in the Bolt UI) - **Upload and retrieve files** attached to stories or projects
Only upload intended files and avoid putting secrets or sensitive internal details into agent activity logs.
A mistaken batch request could propagate an incorrect status or assignment across several stories.
The workflows include batch operations that can affect multiple stories in one request. The API also documents dry-run support, so this appears intended rather than hidden.
## 7. Bulk Story Updates (Batch Operations) ... "items": [ {"id": "story_1", "status": "completed"}, {"id": "story_2", "status": "completed"} ]
Use dry_run for batch operations when available and confirm the affected story list before committing.
