v1.4.1

ClawSpa

Verdict: Benign. ClawScan verdict for this skill. Analyzed May 1, 2026, 7:57 AM.

Analysis

ClawSpa is a transparent local maintenance skill, but it deliberately inspects sensitive agent memory, configuration, and installed skills, so users should only approve scans, edits, scheduling, or cloud use they understand.

Guidance: Install if you want a local agent-maintenance audit, but treat its reports as sensitive. Keep cloud analysis off until you review the external privacy terms, and explicitly approve any memory edits, uninstall recommendations, backups, or heartbeat scheduling.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low. Confidence: High. Status: Note.
references/deep-cleanse.md
If user approves: 1. Create `memory/backups/backup-YYYY-MM-DD-HHMMSS/` directory ... 3. Apply changes one file at a time

The skill can direct file modifications during cleanup, but the documented flow requires approval, backups, and verification.

User impact: Approved cleanup actions can change memory files, affecting what the agent remembers later.
Recommendation: Review the cleanup proposal and backup location before approving any memory edits.

Rogue Agents
Severity: Low. Confidence: High. Status: Note.
SKILL.md
Add to HEARTBEAT.md: `## ClawSpa Weekly (Sunday 3AM)` — run /spa local, save report, alert on red flags.

The skill suggests a recurring scheduled maintenance run, which is disclosed and local but creates ongoing autonomous activity if the user enables it.

User impact: A weekly schedule could repeatedly scan memory and installed skills and save reports without a fresh manual command each time.
Recommendation: Only add the heartbeat schedule if you want recurring scans, and periodically review generated reports.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium. Confidence: High. Status: Note.
references/health-report.md
Check if any credentials are stored in plaintext in memory files (vs keychain)

The skill may inspect credential-like content in local memory as part of security hygiene checks; the artifacts do not show exfiltration or credential use.

User impact: If secrets are present in memory, the scan may surface or quote them in local analysis unless the user reviews carefully.
Recommendation: Do not place raw credentials in memory files, and review any report output for accidental secret exposure before sharing it.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium. Confidence: High. Status: Note.
references/detox.md
Read these files in order: 1. `MEMORY.md` ... 5. All files in `memory/` directory 6. `heartbeat schedules`

The skill intentionally reviews persistent memory and instruction-related files, which may contain private context that can influence future agent behavior.

User impact: The agent may read sensitive remembered preferences, project history, and instructions while performing the scan.
Recommendation: Use local mode first, review generated findings before saving or acting on them, and avoid storing secrets in memory files.

Insecure Inter-Agent Communication
Severity: Low. Confidence: High. Status: Note.
references/api-integration.md
Optional cloud analysis is available through `clawspa.org` ... does not include the full cloud API contract ... Do not send raw memory content or credentials

Optional cloud analysis is disclosed, but the bundle itself does not define the full data contract; users are told to review external privacy documentation.

User impact: If cloud analysis is enabled, some agent metadata may leave the local machine depending on the external service's current terms.
Recommendation: Keep scans local unless you have reviewed clawspa.org's privacy and data-sharing details.