Claude Automation Recommender

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

An artifact-based, informational review of SKILL.md, metadata, install specs, static-scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes, so the notes below describe declared capabilities and their implications rather than observed behaviour; none of them is counted as a finding.

What this means

The agent may inspect the local project using shell commands while preparing recommendations.

Why it was flagged

The skill declares Bash access for analysis. The displayed workflow uses only read-only commands such as ls, cat, and grep, so the access is purpose-aligned, but Bash is a broad tool: the same permission also lets the agent write files, run installers, and reach the network.

Skill content

tools: Read, Glob, Grep, Bash

Recommendation

Allow only read-only analysis commands unless you explicitly ask for implementation or installation work.
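A check for the read-only rule above, as an added example that is not part of the scanned skill or of ClawScan. It classifies a proposed Bash command the way a reviewer or a PreToolUse guard would: every pipeline segment must start with an allow-listed program, and redirections, command substitution, `eval`/`exec`, and `find -exec`/`-delete` are refused even when the program itself is read-only. The allow-list and the `git` subcommand table are assumptions; a plain list of program names is not enough on its own, because `cat config > out` and `grep -rl foo . | xargs rm` both begin with an innocent program.

```python
"""Classify a shell command as read-only before an agent is allowed to run it.

Added example; not part of the scanned skill or of ClawScan. READ_ONLY_PROGRAMS
and READ_ONLY_SUBCOMMANDS are assumptions to tune per project.
"""
import re
import shlex

# Programs that only read the working tree (assumption: extend per project).
READ_ONLY_PROGRAMS = {"ls", "cat", "grep", "rg", "head", "tail", "wc", "find", "stat"}

# Multi-purpose tools that are read-only only for some subcommands.
READ_ONLY_SUBCOMMANDS = {
    "git": {"status", "log", "diff", "show", "blame", "ls-files"},
}

# Shell features that write or execute code regardless of the program named:
# output redirection, command/process substitution, eval and exec.
_DANGEROUS_TOKENS = re.compile(r"(\$\(|`|>|<\(|\beval\b|\bexec\b)")
# Pipeline and list separators; each piece is checked on its own.
_SEPARATORS = re.compile(r"\|\||&&|[|;&]")


def _segments(command: str) -> list[str]:
    return [s.strip() for s in _SEPARATORS.split(command) if s.strip()]


def is_read_only(command: str) -> bool:
    """True only if every segment of the command is a known read-only invocation."""
    if _DANGEROUS_TOKENS.search(command):
        return False
    segments = _segments(command)
    if not segments:
        return False
    for seg in segments:
        try:
            argv = shlex.split(seg)
        except ValueError:
            return False  # unbalanced quotes: refuse rather than guess
        if not argv:
            return False
        prog = argv[0].rsplit("/", 1)[-1]  # /bin/cat and cat are the same program
        if prog in READ_ONLY_SUBCOMMANDS:
            sub = next((a for a in argv[1:] if not a.startswith("-")), None)
            if sub not in READ_ONLY_SUBCOMMANDS[prog]:
                return False
        elif prog not in READ_ONLY_PROGRAMS:
            return False
        # find can delete or execute through its own flags; refuse those.
        if prog == "find" and any(a in ("-exec", "-execdir", "-delete", "-ok", "-okdir") for a in argv):
            return False
    return True


if __name__ == "__main__":
    for cmd in ("grep -rn TODO src | head -20", "cat config.yml > /tmp/out", "git push origin main"):
        print(f"{cmd!r}: {'allow' if is_read_only(cmd) else 'refuse'}")
```

The classifier is deliberately conservative: a command containing `>` inside a quoted pattern is refused too, and `git -C dir status` is refused because the first non-flag argument is not a known subcommand. That is the right failure direction for an agent guard; loosen individual rules only after you have decided the extra reach is wanted.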

What this means

If you install recommended MCP servers, Claude may gain access to important accounts or systems depending on the credentials and permissions you grant.

Why it was flagged

The skill may recommend MCP servers that connect to third-party accounts and can affect databases, repositories, cloud resources, or other services.

Skill content

Supabase MCP - Direct database operations ... GitHub MCP - Issues, PRs, actions ... AWS MCP - Cloud resource management

Recommendation

Use least-privilege credentials, confirm the MCP server source, and review what each integration can read or change before enabling it.

What this means

Installing an untrusted recommended plugin could add unsafe commands, hooks, agents, or skills to your Claude Code setup.

Why it was flagged

The skill can recommend plugins discovered outside the included reference list. This is aligned with its recommender role, but community plugins require provenance review.

Skill content

Use web search to discover additional community plugins.

Recommendation

Prefer official or well-reviewed plugins and inspect plugin contents before installation.

What this means

If you implement recommended hooks, commands may run automatically during future Claude Code sessions.

Why it was flagged

The skill recommends hooks that can automatically run local commands after edits, writes, notifications, or other Claude Code events.

Skill content

Hooks automatically run commands in response to Claude Code events.

Recommendation

Review hook commands carefully, keep them scoped to safe project tasks, and avoid hooks that run untrusted scripts or destructive commands.

What this means

Persistent memory can be useful, but it may store sensitive project details or carry forward outdated or poisoned context.

Why it was flagged

The skill may recommend persistent memory integrations that reuse project context across sessions.

Skill content

Memory MCP - Cross-session memory ... Claude remembers project context, decisions, and patterns across conversations.

Recommendation

Enable memory only with clear retention rules, avoid storing secrets, and periodically review or clear saved memories.

What this means

A poorly reviewed MCP configuration could affect multiple users on the project, not just the person who added it.

Why it was flagged

The skill recommends sharing MCP configuration through the repository, which can propagate tool integrations to teammates.

Skill content

Checked-in `.mcp.json` - Available to entire team (recommended!)

Recommendation

Do not commit secrets, require team review for shared MCP configs, and document what each server can access.