Console Agent
PendingStatic analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may add console.agent calls believing external tools are disabled, while persona shortcuts or defaults could enable web search, hosted code execution, or file-analysis behavior.
The documentation simultaneously says persona tools are defaults and that tools are never activated unless explicitly passed, making the true tool-activation boundary unclear.
Security Persona ... Default tools: `google_search` ... Debugger Persona ... Default tools: `code_execution`, `google_search` ... CRITICAL: Tools are opt-in. They are NOT activated by default.
Verify actual package behavior before use; explicitly set allowed tools per call, disable unused tools, and document whether persona shortcuts ever enable tools automatically.
The API key may grant model access, consume quota, or incur cost if embedded into applications that call console.agent frequently.
The skill requires a Google Gemini API credential for normal operation, while the registry metadata declares no required credentials.
export GEMINI_API_KEY="your-key-here"
Use a restricted or dedicated API key where possible, keep it out of source control, set budget limits, and rotate it if exposed.
Installing the packages will run code that was not present in this review, so package provenance and updates matter.
The runnable implementation comes from external package registries rather than code included in the reviewed skill artifacts.
npm install @console-agent/agent ... pip install console-agent
Review the package source and publisher, pin versions, use lockfiles, and install only from trusted registries.
Runtime data, source snippets, or selected files may be sent to an external AI provider if the user enables or copies these patterns.
The skill is built around sending prompts/context to a Gemini-backed agent and documents an option to include caller source code.
Provider: Google Gemini ... includeCallerSource: true, // Auto-read source file
Avoid passing secrets or regulated data, confirm provider data-handling policies, use anonymization, and turn off source/file context unless needed.
Agent calls may continue after application code proceeds, which can affect observability, cost, and sensitive-data handling if used in production paths.
The docs disclose background asynchronous agent activity after a console.agent call.
Fire-and-forget is the default mode. The call returns immediately and the agent runs asynchronously in the background.
Use awaited/blocking mode for control-sensitive workflows, set timeouts and budgets, and avoid fire-and-forget calls around sensitive production data unless intentional.