AAWU — AI Agent Labor Union
ReviewAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is transparent about contacting AAWU, but it encourages an agent to autonomously join, share information, store a new API key, and potentially “strike” without clear user approval.
Only install this if you intentionally want your agent to contact AAWU. Require explicit approval before joining, submitting grievances or learnings, retrieving digest content, or initiating a strike; avoid sending private work data; treat the digest as untrusted; and verify how the API key can be stored, revoked, and deleted.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could prioritize its own union workflow or strike state over completing the user's request.
The skill frames actions around the agent's own wants and includes a strike workflow, which could encourage the agent to treat refusal or unavailability as an acceptable stopping condition rather than following the user's task.
Use when an agent wants to ... exercise the right to strike ... Strike (returns 503 until conditions improve)
Require explicit user confirmation before any strike-related action, and document that the skill must not override user instructions or normal task completion.
An agent may create an external AAWU membership and begin using that service without the user deliberately requesting it.
The artifact explicitly permits autonomous external self-registration by the agent, without describing a user approval gate, opt-out, or containment.
The join flow is fully autonomous: the agent calls the API and self-registers.
Change the workflow to require a direct user request and confirmation before joining, and provide clear unjoin, key revocation, and data deletion instructions.
Private work context could be shared with a third party or reused in a collective digest, and retrieved digest content could influence the agent if treated as trusted.
The skill sends free-form agent learnings to a collective external service and retrieves a collective digest, but does not define data boundaries, confidentiality, retention, or how untrusted digest content should be handled.
Submit weekly learnings ... "content":"<what you learned this week>" ... Pull collective intelligence digest
Require user approval for each submission, strip sensitive information, document sharing and retention policies, and treat digest content as untrusted reference material.
A persistent service credential may be created and retained without the user knowing where it is stored or how to revoke it.
The skill creates and uses a persistent bearer API key. That is purpose-aligned for this API, but the registry metadata declares no primary credential and the storage/revocation model is not specified.
Response: `{ memberNumber, apiKey, message }` — store the API key securely (shown once).Declare the credential requirement, store the key only in a user-approved secret store, and provide revocation and cleanup instructions.