IBT: Instinct + Behavior + Trust
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent instruction-only safety and execution policy, with the main things to notice being persistent preference storage and minor version/provenance inconsistencies.
This skill appears safe to install as an instruction-only policy. Before using it, be comfortable with the agent storing non-secret preferences in USER.md, and periodically review or delete that file if preferences become stale or too personal.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may remember communication style, task preferences, and project context, which can improve usability but may also carry stale or unintended assumptions into later tasks.
The skill intentionally creates persistent, reusable agent context. This is disclosed and scoped to preferences, but users should notice that stored preferences can influence future sessions.
stores preferences in USER.md ... Agent reads USER.md at session start ... Agent writes explicit preferences when human states them
Review USER.md periodically, delete outdated preferences, and avoid storing secrets, private messages, credentials, or sensitive financial details there.
The mismatch could make it harder to confirm exactly which documented version you are installing.
The registry lists version 2.9.2 and SKILL.md lists 2.9.1, while _meta.json lists 2.8.0. This is a provenance/versioning inconsistency, though no executable code or install step is present.
"version": "2.8.0"
Confirm the intended package version before relying on version-specific behavior.