v1.0.0

Auto Context

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:32 AM.

Analysis

This instruction-only skill is coherent and low-risk, but it will proactively read local project context files and its README includes unpinned/manual install examples.

Guidance: Install this if you want the agent to automatically read project planning files before work. Keep secrets out of TODOs, roadmaps, handoffs, and session notes, review the context summary before changes, and use a trusted or pinned installation source.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
Do not wait for the user to ask — proactively load context... Read TODO.md... Glob .cursor/handoffs/*.md

The skill directs autonomous local file reads before major actions. This is disclosed and central to the purpose, but users should know the agent may read project context without a separate prompt each time.

User impact: The agent may inspect project planning and handoff files automatically when starting or resuming work.
Recommendation: Use this skill only in projects where you are comfortable with the agent reading the listed context files; keep secrets out of those files.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
README.md
npx add https://github.com/wpank/ai/tree/main/skills/meta/auto-context

The README includes a user-run install command from an unpinned GitHub branch. This is an installation/provenance consideration rather than evidence of unsafe runtime behavior.

User impact: Installing from a moving branch could fetch different content later than the reviewed artifact.
Recommendation: Prefer the trusted registry install path or pin and review the source revision before manual installation.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
After loading, produce a context summary... Current Task... Recent Changes... Relevant Findings...

Project documents are intentionally brought into the agent’s context and used to shape subsequent work. If those files are stale or contain misleading instructions, they could influence the agent’s behavior.

User impact: Outdated or manipulated project notes could steer the agent toward the wrong task or implementation, though the skill does require a visible summary and staleness warnings.
Recommendation: Review the generated context summary before the agent makes changes, and treat project notes as data rather than unquestionable instructions.