failures-md
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill coherently creates a local failure journal, but users should avoid storing secrets or account-session details in that persistent log.
This skill appears safe to install as an instruction-only local journaling framework. Before using it, clear irrelevant bundled examples if desired, and make a habit of redacting API keys, tokens, account identifiers, private project details, and login-session notes from FAILURES.md.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Future agent behavior may be influenced by whatever is stored in the failure log, including incorrect lessons or overly specific past-context assumptions.
The skill directs the agent to maintain a persistent failure log and review it later, making it reusable context for future tasks.
1. 在你的 AI Agent 工作区创建 FAILURES.md 2. 每次失败后按模板记录 3. 每周定期回顾
Review the log periodically, remove obsolete or misleading entries, and treat it as advisory memory rather than authoritative instructions.
If real secrets, tokens, account names, or login-session details are recorded in this file, they could be exposed to future agent context or copied into later work.
The included failure-log examples contain credential- and session-adjacent operational details, even though the API key itself is masked.
使用 API Key (moltbook_sk_xxx) ... API Key 完全有效 ... 或者用浏览器自动化(需要登录态)
Keep real credentials out of FAILURES.md, redact account/session details, and remove bundled example entries that are not relevant to the current user.