v0.1.0

Sre Engineer

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 4:56 AM.

Analysis

The skill is coherent for SRE work, but it includes default examples for automated production changes and chaos tests that could disrupt systems unless explicitly reviewed and approved.

GuidanceTreat this as a review-before-use skill. It is not showing hidden malware or exfiltration, but its SRE examples include real operational commands. Before using it to generate or run automation, ensure every production-changing action is explicitly approved, dry-run by default, tightly scoped, logged, and paired with rollback instructions.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceMediumStatusConcern

references/automation-toil.md

result = subprocess.run(step.command, shell=True, ...); ... command="kubectl patch service postgres -p ..."; ... success, output = failover_runbook.execute(dry_run=False)

The reference documents automatic shell execution of runbook steps and sets a database failover example to run for real rather than as a dry run, without an explicit approval gate or scope boundary.

User impactIf followed directly, the generated automation could alter database routing, stop writes, or change production infrastructure.

RecommendationRequire explicit user approval before any operational command, default examples to dry-run mode, scope commands to named environments/namespaces, and include rollback and change-review steps.

Cascading Failures

SeverityMediumConfidenceMediumStatusConcern

references/incident-chaos.md

blast_radius="Single database instance, 50% of production traffic" ... subprocess.run(["kubectl", "delete", pod, "-n", self.namespace])

The chaos engineering examples intentionally affect production traffic and delete Kubernetes pods; the artifact includes rollback concepts, but does not require approval, staging, or a small bounded blast radius before execution.

User impactA copied or agent-generated chaos experiment could cause a service outage or amplify an incident across production systems.

RecommendationRun chaos tests first in non-production, require human approval for production tests, start with a very small blast radius, and enforce abort/rollback checks in code.

Rogue Agents

SeverityLowConfidenceHighStatusNote

references/automation-toil.md

# Run as cron job or systemd timer
if __name__ == "__main__":
    healer.run()

The self-healing pattern is disclosed and purpose-aligned, but it describes recurring background remediation that can continue after the initial task.

User impactBackground automation could repeatedly delete logs or restart services if deployed without supervision.

RecommendationDeploy persistent remediation only with clear ownership, least-privilege permissions, audit logs, alerting, and an easy disable mechanism.