v0.1.0

Command Creator

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:33 AM.

Analysis

This instruction-only skill coherently creates reusable slash-command markdown files, with the main caution that those files can persistently influence future agent behavior and may include powerful shell or publishing workflows.

Guidance: This skill appears coherent and purpose-aligned. Before installing or using it, verify the install source, prefer project-scoped commands unless you intentionally want global behavior, and carefully review any generated command that runs shell tools, edits files, commits code, or publishes PRs.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
references/examples.md
Runs `gt submit --stack --publish --no-edit` to create/update PRs for the entire stack

The reference examples include slash commands that can automate high-impact development actions such as committing and publishing PRs without interactive editing. They are examples, not automatic behavior of this skill, but they show the type of workflows users may create.

User impact: If a user creates and later invokes a command like these examples, it may modify repositories or publish changes using the user's existing tool access.
Recommendation: Treat generated commands that run shell tools, commit code, or publish PRs as powerful automation; require clear user intent and review the command contents before use.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
README.md
npx add https://github.com/wpank/ai/tree/main/skills/tools/command-creator

The documented install command points to a remote GitHub path rather than a pinned release or registry source. No hidden code is shown in the reviewed artifact, but the install source should be verified.

User impact: Following an unpinned remote install command can install content that changes over time.
Recommendation: Install from a trusted registry or a pinned commit/release, and verify the source before running remote install commands.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
Slash commands are markdown files in `.claude/commands/` (project) or `~/.claude/commands/` (global) that expand into prompts when invoked.

This shows the skill creates stored instructions that may be reused later, including globally across projects.

User impact: A generated slash command can keep influencing future agent sessions when invoked, especially if saved globally.
Recommendation: Review generated command files before saving them, prefer project-scoped commands when possible, and remove global commands you no longer trust or need.