Skylv Agent Constitution Guard
Review
Audited by ClawScan on May 10, 2026.
Overview
Review recommended: this safety skill claims enforceable immutable guardrails, but the supplied artifacts are only instructions, reference a missing JavaScript implementation, and include broad sample permissions.
Use this skill only as a policy template unless the actual guardrail implementation is provided and reviewed. Do not assume it enforces immutable protections by itself, do not source the missing constitution.js from an unknown location, and tighten any real rules around local file access, escalation channels, and audit-log handling.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user might rely on the skill to prevent unsafe agent actions even though the provided artifacts do not show any mechanism that can enforce those rules.
The skill advertises enforceable protection, but the supplied package is instruction-only with no implementation or install mechanism, so the safety claim is not supported by the artifacts.
This skill provides **enforceable, auditable, multi-layered** protection.
Treat this as design guidance only unless a reviewed implementation is supplied, and make the documentation clearly state what is and is not actually enforced.

The documented commands may fail, or users may be tempted to obtain or create an unreviewed implementation separately.
The instructions rely on a constitution.js runtime, but the artifact manifest contains only SKILL.md and no code files, leaving the referenced implementation absent from review.
node constitution.js init --name "my-agent" --owner "admin@company.com"
Do not run or source a separate constitution.js unless its provenance and contents are reviewed; the package should include or clearly link to the intended implementation.

An agent configured this way could be allowed to read private local files beyond what a task requires.
The setup example permits broad local-file reading, which is sensitive if copied into a real agent policy without path limits, exclusions, or owner approval.
--level mutable ... --action allow ... --scope "file_read" ... --description "Read any local file"
Use path-bounded read permissions, exclude secrets and credentials, and require owner approval for sensitive locations.

Audit logs could contain sensitive targets, payload summaries, or decision history if the implementation records them without redaction.
The skill documents persistent policy and audit storage, which is expected for this purpose but may retain sensitive action details.
Creates `.constitution/` directory with default rules and audit log.
Define retention, access controls, and redaction rules for audit logs before using this in a sensitive environment.
