Skill usage tracker

Review
Audited by ClawScan on May 10, 2026.

Overview

This skill is a review concern because it says it will automatically police every response using an unreviewed rules file and persist violation logs/reports without clear user controls.

Install only if you intentionally want an always-on usage auditor. Before using it, review and approve SKILL_USAGE_RULES.md, require clear log/report locations and retention limits, and make sure there is an explicit way to disable automatic checks.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI01: Agent Goal Hijack
What this means

An unreviewed rules file could change how the agent answers, including refusing, altering, or prioritizing tasks unexpectedly.

Why it was flagged

The skill makes a separate local rules file authoritative for checking every response. That file is not included or bounded, so it could redirect or constrain the agent beyond the user's current request.

Skill content
Read SKILL_USAGE_RULES.md to obtain the mandatory rules
- Check whether each response complies with the rules
Recommendation

Require the rules file to be reviewed and explicitly approved by the user; document rule precedence, scope, and how enforcement can be disabled.

Concern (High Confidence)
ASI10: Rogue Agents
What this means

The agent may behave as if a background auditor is continuously active across conversations, without the user explicitly requesting it each time.

Why it was flagged

The skill claims it will run automatically after every response instead of only when invoked, which creates ongoing agent behavior outside a clearly bounded task.

Skill content
No manual invocation is needed; the system automatically runs the check after every response.
Recommendation

Make execution explicitly user-directed or clearly declare always-on behavior with opt-in, opt-out, and scope controls.

Concern (Medium Confidence)
ASI06: Memory and Context Poisoning
What this means

Sensitive details from conversations or agent behavior could be retained in local audit files longer or more broadly than the user expects.

Why it was flagged

The skill stores violation logs and daily reports derived from response checks, but does not specify what is stored, where it is stored, retention limits, or redaction.

Skill content
Record violations to skill_violations.log
- Generate a daily usage report
Recommendation

Define exact log/report paths, minimize stored content, redact sensitive data, set retention limits, and require user approval before persistent logging.

What this means

Users cannot review the rule source from the provided artifacts, so behavior may depend on a local file with unknown contents.

Why it was flagged

The skill references an external rules file that is not included in the supplied artifacts or declared as required configuration, yet that file controls enforcement behavior.

Skill content
Read SKILL_USAGE_RULES.md to obtain the mandatory rules
Recommendation

Include or declare SKILL_USAGE_RULES.md, document its expected location and format, and require user review before using it for enforcement.