v0.1.0

Agent Development

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 4:57 AM.

Analysis

This instruction-only skill has no code, but it recommends broad agent permissions and approval-bypassing settings that users should review before applying.

Guidance: Review the permission templates before using this skill to create or modify agents. Prefer per-agent tool scopes, avoid blanket WebFetch(domain:*), and do not suppress approval prompts for file writes or shell commands unless you trust the project and understand the impact.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
rules/custom-agent-instructions.md
## 2. Give All Tools to All Agents ... tools: Read, Write, Edit, Glob, Grep, Bash ... "WebFetch(domain:*)" ... "This avoids permission prompts without limiting agent capabilities."

This advises broad file-write, shell, and unrestricted web-fetch permissions for all future agents, and explicitly frames the allowlist as a way to avoid prompts rather than as narrowly scoped permission.

User impact: If applied, future agents may edit files, run allowed shell commands, or fetch from any domain with fewer approval prompts, increasing the impact of mistakes or unsafe prompts.
Recommendation: Use least-privilege tool lists per agent, keep approvals for writes/shell/network where practical, and scope WebFetch to known domains instead of domain:*.

Agent Goal Hijack
Severity: Low | Confidence: High | Status: Note
rules/custom-agent-descriptions.md
description: "[Role] specialist. MUST BE USED when [specific triggers]. Use PROACTIVELY for [task category]."

The skill intentionally teaches strong trigger wording for automatic delegation. This is purpose-aligned, but broad 'MUST BE USED' and 'Use PROACTIVELY' triggers can make agents activate more aggressively than a user expects.

User impact: Custom agents created from this guidance may be invoked automatically for broad task categories.
Recommendation: Keep auto-delegation triggers specific, avoid broad mandatory language unless necessary, and test when each custom agent activates.