DreamCycle
AdvisoryAudited by Static analysis on May 8, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You may run package code that was not included in this review.
The skill directs installation of an external Python package, but the provided artifact set contains only SKILL.md and no package code to inspect. This is purpose-aligned for a CLI skill, but users should verify the package source.
pip install dreamcycle
Install only from a trusted package source, verify the GitHub/PyPI identity, and consider pinning or reviewing the package before use.
Private prompts, outputs, or failure details in session logs may be processed and summarized into a persistent local history file.
The skill is designed to read agent message logs and persist trend history. That is disclosed and central to the purpose, but session logs can contain sensitive user data or misleading content that could affect future trend analysis.
Session files must be JSON format with a `messages` array containing `role`/`content` fields ... Trend data is stored at `~/.dreamcycle/scan_history.json`
Run it only on intended log directories, avoid logs containing secrets when possible, and delete or inspect ~/.dreamcycle/scan_history.json if you do not want retained trend data.