Firm Delivery Export
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or enabling the skill may give the agent access to more team systems than needed for the user’s immediate export task.
The skill requires credentials for multiple external services at once, while the supported-format table indicates each token is only needed for a specific output type.
requires:
 env:
 - GITHUB_TOKEN
 - JIRA_API_TOKEN
 - JIRA_BASE_URL
 - LINEAR_API_KEY
Make credentials optional per target, use least-privilege project/repository-scoped tokens, and only expose the token for the specific destination being used.
An agent could create tickets, PRs, or messages from workflow output before a human has reviewed the content or destination.
The instructions explicitly support automatic publication into team tooling. GitHub PRs have draft/review safeguards, but the artifacts do not clearly require user confirmation before other external mutations such as Jira, Linear, or Slack outputs.
2. Run firm-delivery-export automatically:
 → Creates draft PR "docs: Payment service API documentation"
 → Branch: ai/document-payment-service-api
 → Labels: ai-generated, needs-review, documentation
 → Assigns to @team-engineering for review
Require an explicit preview and user approval before every external publish action, and default to local markdown output when approval is not present.
Private workflow results could become visible in GitHub, Jira, Linear, or Slack depending on the selected export target.
The merged workflow output is intentionally sent to external providers or a webhook. This is purpose-aligned, but the content may contain internal project information.
"body": "## AI-generated delivery\n\n{merged_output}\n\n---\n_Generated by firm-orchestration_" ... "description": "{merged_output}" ... `slack_digest` | Slack message via webhook
Review the merged output before publishing and avoid sending secrets, customer data, or confidential internal information to destinations where it should not appear.
Users have limited external context for who maintains the skill and how its suggested integrations are intended to be implemented.
The provided artifacts do not include runnable code or a public source/homepage to inspect. That is not malicious by itself, but it limits provenance review for a skill that uses privileged service tokens.
Source: unknown; Homepage: none; No code files present — this is an instruction-only skill.
Prefer a version with a verifiable source repository and documented credential scopes, especially before granting production GitHub, Jira, or Linear tokens.
