Accessibility Toolkit 1.0.0
WarnAudited by ClawScan on May 10, 2026.
Overview
This instruction-only accessibility skill is purpose-aligned, but it encourages agents to skip confirmations and automate smart-home actions like unlocking doors, which needs careful review before use.
Use this skill only with clear safety rules. Keep accessibility-friendly low-friction flows for safe actions, but require explicit approval for locks, doors, security devices, health-related routines, and any automation learned from conversation history. Review any Home Assistant templates before enabling them, and do not run referenced scripts unless they are separately supplied and reviewed.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could change home devices, notifications, or locks too quickly or without enough confirmation, creating safety or security problems if it misunderstands the user or the situation.
The instructions encourage acting without confirmation while also providing smart-lock automation examples. Door/security actions and similar smart-home changes are not always safely reversible and need explicit user-controlled boundaries.
"Never require confirmation for reversible actions. Just do it." ... "service: lock.unlock" ... "entity_id: lock.front_door"
Require explicit approval for smart locks, doors, security systems, medical or health-related routines, account changes, and any action that is not clearly safe and reversible. Define a strict whitelist of no-confirmation actions.
A bad sensor reading, geofence error, or misconfigured automation could unlock a door or trigger other home changes at the wrong time.
The Home Assistant example lets one presence/location trigger fan out into multiple smart-home actions, including unlocking the front door. A false location signal or automation mistake could propagate into a physical-security action.
trigger: ... entity_id: person.human ... event: enter ... action: ... service: scene.turn_on ... service: lock.unlock
Use fail-closed defaults for locks, add multiple conditions before security actions, require user confirmation where feasible, and test automations in a non-destructive mode before enabling them.
Private conversation details could be used to create reminders or automations, and misunderstood historical requests could influence future agent behavior.
Conversation history can contain sensitive personal information. The skill suggests analyzing it for recurring patterns, but does not define data scope, retention, review, or how learned patterns are approved before becoming automations.
`scripts/friction_audit.py`\nAnalyzes your conversation history to find repeated requests.
Limit which conversation history can be reviewed, avoid storing unnecessary summaries, and require user review before turning inferred patterns into recurring automations.
Users may assume referenced helper scripts were reviewed with this skill even though they are not included in the provided artifacts.
The skill references helper scripts, but the supplied package contains no script files and no install spec. If users obtain or run similarly named scripts elsewhere, that code is outside this review.
### `scripts/friction_audit.py` ... ### `scripts/voice_commands.py` ... ### `scripts/ha_templates.py`
Do not run external or later-provided scripts unless they are separately reviewed, sourced from a trusted location, and matched to the expected functionality.