v1.0.1

Context Guardian

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:41 AM.

Analysis

Context Guardian is an instruction-only local note-taking skill, but it asks the agent to run passively and silently save/read persistent conversation notes, so users should review its memory behavior before installing.

GuidanceInstall this only if you want the assistant to maintain local persistent memory for the workspace. Keep an eye on the memory folder, do not store secrets there, and consider requiring explicit confirmation before the assistant saves sensitive notes.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents

SeverityLowConfidenceHighStatusNote

SKILL.md

Use this skill ALWAYS — it runs passively in every session.

The skill asks for broad passive activation rather than only direct user invocation. This is aligned with context management, but it can make the skill affect many sessions and topics.

User impactThe assistant may proactively track session state, suggest fresh starts, and save notes even when the user did not specifically ask for context management.

RecommendationEnable it only if you want ongoing session hygiene behavior, and adjust or disable the always/passive behavior if you only want manual note-taking.

Human-Agent Trust Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

Don't narrate every save. If you're saving routine notes, just do it silently.

The skill explicitly reduces user visibility into routine file writes. The intent appears to be avoiding annoyance, but it can make persistent note-taking less transparent.

User impactUsers may not notice when conversation details are being recorded to local files.

RecommendationAsk the assistant to announce or confirm note saves if you want greater transparency, especially for personal, business, or confidential information.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityMediumConfidenceHighStatusConcern

references/setup-guide.md

Your AI will automatically: - **Save notes** to `memory/YYYY-MM-DD.md` as you work together - **Read yesterday's and today's notes** at the start of each session

This establishes persistent local memory that is written during work and later reloaded into new sessions. It is central to the skill, but it can store and reintroduce sensitive, incorrect, or stale context without explicit per-entry approval.

User impactConversation details, preferences, decisions, and action items may be kept in workspace files and influence future chats.

RecommendationUse this only in workspaces where persistent local memory is desired. Review and edit the memory files, avoid saving secrets, and require confirmation before storing sensitive details.