horus
PassAudited by ClawScan on May 1, 2026.
Overview
The artifacts describe an instruction-only constraint-ledger protocol with no installer, code, credentials, or hidden execution, but users should notice that it may store, export, or share observations if used as designed.
This appears safe to install based on the provided artifacts. Treat it as an instruction-only protocol document: do not place secrets or sensitive observations into ledgers unless you intend them to be retained or exported, and review any future implementation, endpoint, or shared-ledger setup before using it.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you put private or sensitive information into the observation ledger, it may appear in exported traces.
The protocol intentionally retains and serializes ledger contents. This is purpose-aligned, but those records could include sensitive user-provided observations or metadata and could be reused or over-trusted later.
EXPORT_TRACE ... Serialize complete system state ... Include all observations, constraints, violations
Avoid entering secrets or private data unless you intend them to be retained/exported, and review trace contents before sharing them.
Data placed in a shared ledger could be visible to other systems or interpreted by them if the protocol is implemented that way.
The design contemplates cross-agent/shared-ledger coordination. No endpoint, credential, or automatic network behavior is required in the artifacts, but shared ledgers create data-boundary and origin-trust considerations.
enable coordination between heterogeneous AI systems (AGIs) through shared constraint ledgers
Only connect or share ledgers with systems you trust, and confirm what observations, constraints, and metadata will be transmitted.