Proactive Agent Lite 1.0.0
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill has no code or credentials, but it broadly tells the agent to remember interactions and act proactively across sessions without clear memory or approval boundaries.
Before installing, decide whether you want the agent to be more proactive and to preserve context across sessions. If you use it, keep memory features scoped and reviewable, avoid entering sensitive information unless necessary, and require explicit confirmation before the agent changes files, accounts, tools, or external systems.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive details or mistaken instructions from prior conversations could be remembered and reused later without the user realizing it.
The skill describes broad automatic persistence and reuse of interaction history, but the artifacts do not specify what is stored, how users approve it, how long it is retained, or how poisoned/private memories are controlled.
- Learn from every interaction ... - Long-term memory: Maintains continuity across sessions ... No additional configuration is required
Use only with explicit memory controls enabled; review and clear stored memories regularly, avoid sharing sensitive data, and require user confirmation before persistent notes are created or reused.
The agent may offer ideas, suggestions, or follow-up actions without being directly asked.
The skill intentionally changes the agent's default behavior toward unsolicited suggestions and initiative. This is disclosed and purpose-aligned, but users should understand it changes how the agent responds.
Transform your AI agents from passive task-followers into proactive partners ... Simply install and the agent will automatically begin exhibiting proactive characteristics.
Install only if you want this behavior, and keep confirmation requirements for any external, account-changing, or file-changing action.
Users could over-trust the privacy claim, especially because the same skill promotes persistent memory across sessions.
The README makes an absolute privacy/safety claim, but the artifact set contains only instructions and no enforceable control mechanism showing how private information is protected.
Data protection: Never exposes private information
Treat the privacy language as guidance rather than a guarantee, and rely on platform-level privacy, memory, and permission controls.