argus

Audited by ClawScan on May 10, 2026.

Overview

Argus is mostly coherent testing automation, but it persists a Git hook and may rewrite recent commit messages without clearly requiring user confirmation.

Before installing, decide whether you want a persistent Git post-commit hook in the repository. Inspect generated .argus files and .git/hooks/post-commit, require confirmation before any commit amend, use only test-scoped credentials, and review dependency installation commands or pin versions where possible.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your latest commit message or Git history could be changed unexpectedly, which may confuse collaborators or alter audit history if used at the wrong time.

Why it was flagged

This instructs the agent to change the most recent Git commit based on its own commit-message scoring. The visible artifact mentions checking whether the commit was pushed, but does not clearly require explicit user approval before amending.

Skill content

"Triggered by: post-commit hook or manually reviewing the last commit" ... "Generate enrichment block. Amend the commit (only safe before push):"

Recommendation

Require an explicit confirmation before any git commit --amend operation, skip protected/shared branches, show a dry run of the proposed message, and document rollback steps.

What this means

After initialization, future commits in that repository can trigger Argus hook behavior until the hook is removed.

Why it was flagged

The initialization flow installs an executable Git post-commit hook that persists in the repository and runs on future commits. This matches the stated commit-monitoring purpose, and the visible hook currently logs locally, but it is still persistent behavior.

Skill content

"cp .argus/commit-hook.sh .git/hooks/post-commit" and "chmod +x .git/hooks/post-commit"

Recommendation

Install only in repositories where ongoing commit monitoring is desired, inspect .git/hooks/post-commit after init, and remove the hook to disable it.

What this means

First use may install Python/browser-testing dependencies whose exact versions are not shown in these artifacts.

Why it was flagged

The README says dependencies will be automatically installed on first run, but the provided artifacts do not show pinned versions or the exact install commands. This is purpose-aligned for a testing skill, but users cannot review dependency provenance from the provided package.

Skill content

"pytest + pytest-asyncio", "httpx", "playwright" ... "All dependencies are installed automatically on first run."

Recommendation

Confirm before dependency installation, prefer pinned versions, and review any generated install commands before running them.

What this means

A real account token could be sent during tests if you point the tests at a non-local or production service.

Why it was flagged

Generated backend tests may use an environment token for authenticated API testing. This is expected for the skill's purpose, but the token could grant access to whichever service TEST_BASE_URL targets.

Skill content

"auth_headers" fixture "reads TEST_AUTH_TOKEN from env"

Recommendation

Use a dedicated test token with minimal privileges and keep TEST_BASE_URL pointed at a safe test or local environment.

What this means

Mistaken or malicious commit messages/files in the repository could influence future generated tests or locked test behavior.

Why it was flagged

The skill persists a catalog derived from route scans, Git history, and bugfix files, then treats certain entries as locked or authoritative in future runs. This is central to its regression-testing design, but incorrect or contributor-controlled repository content can persist into later test decisions.

Skill content

"catalog.md # test knowledge base — source of truth" and "Protection: locked"

Recommendation

Review .argus/catalog.md before trusting it, especially in shared repositories, and keep generated persistent state under normal code-review controls.