Auto Workflow
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may start designing or implementing automation when the user only wanted advice, discussion, or a one-time answer.
This tells the agent to prioritize automation over directly answering the user and to proceed without an explicit user request, which can redirect the agent's goal beyond the user's immediate intent.
不是"回答问题",而是"看到重复→立刻构建自动化" ... "直接做,不等用户要求"
Require the agent to ask for confirmation before moving from suggestions to implementation, especially before writing files, creating scripts, scheduling jobs, or acting on accounts.
Generated or tested automation could modify files, send messages, call services, or change workflows before the user has reviewed the exact actions.
The skill instructs the agent to produce execution scripts, write configuration, and test workflows, but it does not set approval, sandboxing, or scope limits for potentially mutating actions.
- **输出**:自动化工作流 + 执行脚本 ... 4. 实现 - 写脚本/配置 5. 测试 - 小范围验证
Add explicit guardrails: no script execution, account action, file mutation, or external send operation without user approval; prefer dry-runs and clearly show the generated script first.
A recurring automation could keep running, sending, or changing things after the user forgets about it or before they validate each run.
The skill promotes recurring unattended workflows that can continue after the current task, but does not describe user-controlled scheduling, stopping, auditing, or cleanup.
自动化后: - 每周五自动执行 - 收集本周数据 - 生成报告 - 自动发送 ... 问自己:下次能否自动跑?
Only create scheduled or recurring automations after explicit user approval, and include clear schedule details, disable instructions, logs, and rollback/cleanup steps.