Intent Framed Agent
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill mainly asks the agent to confirm coding intent and monitor scope drift, with only minor notes around optional CLI detection, install-source verification, and possible persistent follow-up records.
This appears safe for its stated purpose. Before installing or using it, verify any external install source, be aware that it may check for the Entire CLI with a local status command, and review any later persistent self-improvement rules before saving them.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user chooses to run the install command, they are trusting the referenced external package/source.
The skill documentation includes a user-directed install command that pulls from an external GitHub-style source via npx.
npx skills add pskoett/pskoett-ai-skills/intent-framed-agent
Verify the repository/source and package manager behavior before running the npx install command.
The agent may execute a local command to detect whether Entire CLI is available, though the command is limited and failure is handled silently.
The skill directs the agent to run a local CLI status check when tools are available.
When tool access is available, detect Entire at activation: ```bash entire status 2>/dev/null ```
Allow this only if you are comfortable with the agent checking local Entire CLI status; otherwise deny command execution for this step.
If that follow-up skill is used, information from a coding session could influence future agent behavior.
The interoperability section suggests a later step that may turn session patterns into durable rules or memory.
`self-improvement` (capture recurring patterns and promote durable rules)
Review any durable rules or memory updates before accepting them, especially if the session includes sensitive project details.