v1.0.0

Augment Code

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 7:58 AM.

Analysis

This skill is a Review because it points users to an external coding assistant that may receive broad repository access, persistently index private code, and autonomously modify files without clearly stated scope or approval controls.

Guidance: Install only after verifying the official extension and vendor documentation. Limit repository access, exclude secrets and sensitive folders from indexing, use version control, and require human review before accepting multi-file changes or command execution.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
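Agent mode: autonomously executes multi-step programming tasks... automatically locates the files that need to be modified... makes consistent modifications across multiple files... runs tests to verify that the modifications are correct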

The described agent can autonomously modify multiple files and run tests, but the artifact does not state approval, review, rollback, or command-scope safeguards.

User impact: The assistant could make broad code changes or execute project commands that affect the local workspace if used without review.
Recommendation: Use this only in a version-controlled workspace, review diffs before accepting changes, and require confirmation before running commands or modifying multiple files.
Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: Medium; Status: Note
SKILL.md
code --install-extension augment.augment-vscode

The artifact instructs users to install an external VS Code extension. This is aligned with the skill’s purpose, but the provided registry metadata has unknown source and no homepage.

User impact: Installing the wrong or unverified extension could give untrusted code access to the development environment.
Recommendation: Verify the extension publisher, marketplace listing, permissions, and organization approval before installation.
Human-Agent Trust Exploitation
Severity: Low; Confidence: Medium; Status: Concern
SKILL.md
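Enterprise-grade security: code does not leave the enterprise network, private deployment is supported, SOC 2 compliant... local indexing, code is not uploaded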

The artifact makes strong privacy and compliance claims, but the supplied package metadata provides no homepage, source, or supporting documentation to verify them.

User impact: Users may grant broad repository access based on privacy assurances that are not substantiated in the provided artifacts.
Recommendation: Independently verify the vendor’s privacy model, deployment mode, and compliance documentation before authorizing sensitive repositories.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low; Confidence: High; Status: Note
SKILL.md
First-time use requires: 1. Registering an Augment account... 2. Authorizing access to code repositories

The skill requires an external account and repository authorization, which is expected for this coding assistant but still grants access to sensitive development assets.

User impact: Granting repository access may expose private code or organization metadata depending on the permissions requested by the external service or extension.
Recommendation: Authorize only the minimum repositories needed, check requested scopes carefully, and prefer organization-approved accounts and deployments.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
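It can index the entire organization's code repositories... team knowledge accumulation... real-time context updates... users' accept/reject behavior on suggestions continuously refines the model's understanding of the project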

The skill describes broad, persistent indexing and learning from user feedback across organization code, but does not specify path limits, exclusions, retention, or how indexed context is reused.

User impact: Private source code, internal APIs, and possibly secrets in repositories could be stored in an index or reused as context in future suggestions.
Recommendation: Before use, confirm exactly which repositories and files are indexed, exclude secrets and sensitive paths, verify retention and deletion controls, and understand whether indexed context can affect other projects or users.