v0.1.0

Monday Ops

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:30 PM.

Analysis

The skill is a coherent monday.com helper, but it merits review because it can make broad workspace changes, including deletes, schema changes, public boards, and arbitrary API mutations, without consistently requiring explicit confirmation.

Guidance: Use this skill only with the intended monday.com account and workspace. Ask the agent to show a plan and wait for explicit confirmation before deletes, column/schema changes, bulk operations, public board creation, or `all_monday_api` use, and review any cross-service sharing of meeting, calendar, or email content.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low, Confidence: Medium, Status: Note
SKILL.md
Trigger on phrases like "monday board", "create a task", "update status", "sprint summary", "move item"

Some trigger phrases are generic task-management language, so the agent could interpret a non-monday.com request as a monday.com operation unless it clarifies user intent.

User impact: The agent might open or use monday.com for a generic task/status request when the user did not intend that workspace to be changed.
Recommendation: Require explicit monday.com intent, or ask a clarifying question before invoking the connector for generic task or status requests.

Tool Misuse and Exploitation
Severity: High, Confidence: High, Status: Concern
SKILL.md
`delete_item` | Permanently delete an item ... `delete_column` | Remove a column from a board ... `all_monday_api` | Execute arbitrary GraphQL queries/mutations ... Phase 3: Execute — Call the MCP tools in the planned order.

The skill exposes destructive and raw API mutation capabilities, then instructs the agent to execute planned tool calls without a consistent explicit-approval rule for deletes, schema changes, bulk edits, or arbitrary GraphQL mutations.

User impact: A mistaken or overly broad instruction could permanently delete items, remove columns, or make wide-ranging monday.com workspace changes.
Recommendation: Require a visible plan and explicit user confirmation before destructive, schema-changing, bulk, or `all_monday_api` operations; prefer scoped MCP tools over arbitrary GraphQL when possible.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Concern
references/workflows.md
Ask the user: ... Any specific team members to add? ... create_board(name="Project Name", board_kind="public")

The project-board workflow asks for project details and team members but defaults to creating a public board, which can broaden visibility beyond what the user intended.

User impact: Project tasks, assignees, due dates, and notes could be visible more widely in the monday.com workspace than expected.
Recommendation: Ask the user to choose board visibility before creating boards, and avoid defaulting to public boards for potentially sensitive projects.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium, Confidence: Medium, Status: Note
references/workflows.md
Fireflies: fireflies_get_summary(transcriptId) → extract action items ... create_update on each item with meeting context ... Gmail: create_draft(to=email, subject="Task Complete: [Item Name]", body=...)

The workflow examples move meeting transcript context and task/contact information across multiple providers, which is purpose-aligned but needs careful data-boundary handling.

User impact: Meeting excerpts, task details, or assignee contact information could be copied into monday.com, calendar events, or email drafts where more people or services can access them.
Recommendation: Confirm before copying meeting, calendar, or email-related content across services, and include only the minimum necessary context.