SlowMist Agent Security
PassAudited by ClawScan on May 1, 2026.
Overview
This is an instruction-only security review framework with no code, install steps, or credential requirements; its main effect is to make the agent more conservative during security reviews.
This skill appears safe to install as an instruction-only security framework. Expect it to make the agent more cautious, use fixed report templates, and sometimes recommend blocking or pausing risky actions. If using the on-chain review features, be aware that address checks may rely on external risk-intelligence services.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may apply conservative security-review behavior, standardized report formats, and refusal or confirmation requirements during relevant tasks.
The skill intentionally changes when the agent should enter a security-review mode. This is aligned with its stated purpose, but users should know it may reroute broad interactions into formal review flows.
This framework activates whenever the agent encounters external input that could alter behavior, leak data, or cause harm
Use this skill when you want security-review behavior, and keep final decisions under human control for high-impact actions.
Blockchain addresses or transaction-related details may be checked against external AML/risk-intelligence services if such tools are available.
The on-chain review flow may involve querying an external risk-intelligence provider or another skill with blockchain addresses. This is purpose-aligned, but it is still an external data flow users should recognize.
Before any on-chain interaction, query available risk intelligence: ... AML risk score | MistTrack API or similar
Confirm which risk-intelligence provider is being used before sharing addresses that could be sensitive or linked to your identity.