skill rules designer

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This instruction-only skill is coherent and user-controlled, but it can read and edit local skill files after approval, so review its restructuring plan before letting it write changes.

This looks safe for its stated purpose. Before installing or using it, be comfortable with it reading a target skill directory and, after you approve a plan, editing SKILL.md and rules files. Use backups or version control, and do not point it at directories containing unrelated secrets or private data.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If approved, the assistant may create rules files and update SKILL.md, changing how the target skill behaves.

Why it was flagged

The skill can write changes to the user's skill files, but the artifact explicitly requires a plan and confirmation before doing so.

Skill content

Always show a plan first. Wait for user confirmation before writing anything.

Recommendation

Review the proposed restructuring carefully and use version control or a backup before approving writes.

What this means

Incorrect or unwanted generated rules could persist and influence future agent behavior when the edited skill is used.

Why it was flagged

The skill intentionally moves or creates content in rules files that become persistent context for later skill invocations.

Skill content

rules files in a skill's directory are still loaded

Recommendation

Inspect generated rules for accuracy, remove any unwanted instructions, and keep the changes scoped to the intended skill.