Agentlens
PassAudited by ClawScan on May 1, 2026.
Overview
Agentlens is a coherent code-navigation skill, with minor cautions around trusting generated project docs and any local AgentLens CLI used to regenerate them.
This skill appears safe for codebase navigation. Before using the optional regeneration step, make sure the `agentlens` command comes from a trusted installation, and treat generated .agentlens files as helpful navigation hints rather than unquestioned instructions.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If docs are stale, the agent or user may run whatever `agentlens` binary is available on the machine, so that external tool determines what happens.
The runtime instructions reference a local CLI even though this is an instruction-only skill with no install spec or declared required binary. Running a trusted AgentLens CLI would be purpose-aligned, but the CLI provenance is not established by these artifacts.
Regenerate docs with `agentlens` command if they seem stale
Only run a known, trusted AgentLens CLI, and review generated documentation changes before relying on them.
The agent could be guided by inaccurate or malicious project documentation when deciding where to look or what context to trust.
The skill relies on project-local generated documentation and memory/warning files to guide navigation. This is central to the skill, but those files can be stale, incomplete, or authored inside the project.
Always start by reading `.agentlens/INDEX.md` ... Check memory.md before modifying code
Use .agentlens files as navigation aids, verify important details against the actual source code, and ignore unexpected instructions unrelated to code navigation.