Backend Event Stores
PassAudited by ClawScan on May 1, 2026.
Overview
The provided artifacts are a coherent instruction-only guide for event-store design, with only a minor provenance note around the documented GitHub install command.
This skill appears safe as an instruction-only event-store design guide. Before installing, verify the remote GitHub source used in the README command, especially because it is not pinned to a specific release.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user runs the README install command, they depend on the current contents of that remote source.
The documented installation command fetches from a remote GitHub path rather than a pinned release. This is user-directed and expected for installation, but it leaves provenance and version stability for the user to verify.
npx add https://github.com/wpank/ai/tree/main/skills/backend/event-store
Verify the GitHub repository and consider installing from a trusted, pinned version or reviewed local copy.