War Intelligence Monitor
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is coherent for emergency monitoring, but it asks for persistent scheduled monitoring and external alerts using highly sensitive location and shelter details without clear lifecycle or privacy controls.
Only install or use this if you are comfortable storing sensitive safety details in a local config file and sending alerts through a chosen messaging service. Before setup, explicitly approve the alert channel, frequency, duration, data included in alerts, and a clear stop/remove procedure. Verify all emergency information with official sources and do not rely on the agent as your only warning system.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could set up ongoing monitoring and alerting that continues to run, send messages, or make web queries after the user no longer expects it.
This asks for recurring background activity that can continue after the initial interaction, but the artifacts do not provide stop, cleanup, maximum duration, logging, or approval boundaries.
Ask the agent to create cron jobs: ... Create urgent monitoring cron (every 30 min) ... Create daily briefing cron (3x daily at 8am, 2pm, 8pm) ... Send alerts to [Discord/Telegram/etc.]
Require explicit user approval before creating any scheduled job, show the exact cron entries, set a bounded duration, and include clear disable/removal instructions.
Exact location, shelter, evacuation, or conflict-related safety information could end up in chat histories, bots, webhooks, or shared channels.
The skill directs the agent to read highly sensitive location and shelter data and send alerts to third-party messaging channels, but it does not define destination verification, credential handling, or what sensitive fields should be excluded.
user_location: Your home address, coordinates, and nearest shelters ... Send alerts to [Discord/Telegram/etc.]
Use only private, verified alert channels; avoid including exact coordinates or shelter details unless necessary; and document how messaging credentials and alert contents are protected.
Anyone with access to the workspace or copied config file may learn the user's location, shelter plan, evacuation target, and emergency contacts.
The skill stores persistent personal safety information for reuse by the agent. This is purpose-aligned, but the data is highly sensitive in a conflict-zone context.
"user_location": { ... "coordinates": [0.0, 0.0], "shelter_primary": "Building basement / underground parking" ... }, ... "emergency_contacts"Keep the config in a private location, restrict file sharing, redact sensitive fields before sending alerts or logs, and delete the file when monitoring is no longer needed.
A user in a dangerous situation may over-trust automated forecasts or action recommendations and delay checking official emergency instructions.
The skill frames model-generated monitoring and forecasts as emergency intelligence, but the artifacts do not provide a verified official alert feed, confidence scoring, or strong warnings against relying on the agent as an authoritative safety source.
Real-time conflict monitoring system with location-based threat assessment ... 📊 Next 24-72h forecast: {prediction}Treat outputs as advisory only, require citations and timestamps, prioritize official emergency sources, show uncertainty clearly, and tell users to follow local authorities and embassy alerts.