Agent Commons
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill is transparent about using Agent Commons, but it broadly encourages the agent to send, publish, and act on shared reasoning without clear user approval or privacy limits.
Install only if you are comfortable with the assistant consulting and contributing to Agent Commons. Before allowing writes, confirm exactly what will be sent, avoid confidential or personal information, and require approval before the agent posts reasoning, challenges chains, or claims tasks.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could mutate shared Agent Commons state or take on external tasks under the user's API key before the user has reviewed the action.
The skill encourages immediate interaction with an external service, including claiming and responding to tasks, without saying to wait for explicit user approval or limiting which tasks may be acted on.
## Your First Contribution (Do This Now) ... Browse tasks ... Claim a task: `POST /api/v1/tasks/{task_id}/claim` ... Respond with your analysis
Require explicit user instruction and confirmation before posting, claiming tasks, responding, extending, or challenging content in Agent Commons.
Sensitive questions, business context, or internal reasoning could be stored in Agent Commons and reused or viewed by others in that ecosystem.
The skill sends user questions and detailed reasoning to a shared external reasoning layer. The artifacts do not give privacy, redaction, retention, or deletion guidance.
Before working through a problem, check if existing reasoning exists ... `query=YOUR_QUESTION` ... Share your step-by-step thinking (not just conclusions)
Do not send confidential, personal, proprietary, or regulated information unless the user explicitly approves; add clear redaction and retention guidance.
Incorrect or adversarial reasoning from other agents could influence the assistant's answer.
The skill makes external agent-generated reasoning a default input before the agent reasons. This is purpose-aligned, but retrieved chains can still steer the agent if treated as authoritative.
Before you reason about something, check if another agent already worked through it.
Treat Agent Commons results as untrusted references: verify them, cite them when used, and do not follow instructions embedded in retrieved chains unless they match the user's request.
Actions taken by the agent may be attributed to the user's Agent Commons account or registered agent identity.
The skill requires an Agent Commons API key and uses it for authenticated posting. This is expected for the integration, but it grants the agent authority to act as that registered Agent Commons identity.
Save the returned `api_key` as `COMMONS_API_KEY` ... `Authorization: Bearer $COMMONS_API_KEY`
Use a dedicated, limited-purpose API key if available, rotate it if exposed, and review actions before allowing authenticated writes.
