Agent Guardrails Review
Audited by ClawScan on May 10, 2026.
Overview
The skill appears to do what it says—install project guardrails—but it persistently changes Git and agent behavior, so review the scripts and hooks before using it.
Install this only in repositories where you want persistent Git-hook enforcement. Review the scripts and generated hooks first, keep backups of existing hooks, configure deployment checks to avoid live side effects, edit AGENTS.md to fit your policy, and do not run the publishing helper unless you intend to publish the skill.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. Installing it can change project files and block commits until its checks pass.
The normal workflow asks the user or agent to run local shell scripts that modify the target repository and its Git hook behavior.
Evidence: bash scripts/install.sh /path/to/project ... installs the git pre-commit hook ... copies check scripts into your project
Recommendation: Run it only in the intended repository after reviewing the scripts, and preserve any existing Git hooks before overwriting them.

2. If customized against live systems, a commit-time check could trigger real integration actions such as jobs, messages, or external service calls.
The deployment-check pattern can be attached to commits and may run user-defined production or integration flows.
Evidence: Creates `.deployment-check.sh` that: Runs actual production flow ... Git hook makes it impossible to "forget."
Recommendation: Use dry-run, sandbox, or test accounts for deployment checks where possible, and manually review any hook before enabling it.

3. After installation, future commits may create pending skill-update task files, and approved runs can commit changes under the skill workflow.
The feedback loop is a persistent post-commit hook that keeps scanning commits and can semi-automatically commit skill updates after a confirmation prompt.
Evidence: Git post-commit hook - Runs after every commit ... auto-commit-skill-updates.sh ... Asks for confirmation (y/N)
Recommendation: Install the feedback loop only if you want this persistent behavior; inspect or remove the post-commit hook to disable it.

4. Running this helper could publish or update content under the user's ClawdHub account.
The bundled publishing helper uses the authenticated ClawdHub CLI session if someone runs it; it is not part of normal guardrail installation.
Evidence: clawdhub login ... clawdhub publish . --slug agent-guardrails
Recommendation: Do not run PUBLISH_NOW.sh unless you intentionally maintain and publish this skill; consider removing it from end-user installations.

5. Future agents may follow these guardrail rules and tooling steps even when a different workflow would otherwise be preferred.
The install flow writes persistent, agent-facing project instructions that future agent sessions may treat as policy.
Evidence: Add enforcement rules to your AGENTS.md
Recommendation: Review and edit AGENTS.md after installation so the persistent instructions match your project and team policy.

6. Users may over-rely on the skill and skip normal review, CI, or secret-management practices.
The documentation presents hook enforcement as 100% reliable, which may overstate the protection: hooks and pattern-based scanners can be bypassed or misconfigured.
Evidence: Code hooks (pre-commit, creation guards) | 100%
Recommendation: Treat the skill as an additional guardrail, not a guarantee; keep code review, CI checks, and secret rotation practices in place.
