Brainstorming

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only brainstorming workflow. Its instructions are internally coherent, but they direct the agent to inspect the current project and to create and commit a design document.

Before installing, be aware that this skill may slow tasks by requiring a brainstorming phase, and that it may read the current repository, write a design file under docs/plans, and commit it to git. These actions are consistent with design planning, but you should review the generated document before it is committed in shared projects.

VirusTotal

65/65 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI01: Agent Goal Hijack (severity: Low)
What this means

The agent may insert a brainstorming/design step before implementation tasks.

Why it was flagged

The mandatory wording broadly influences when the agent should invoke the skill, but it is disclosed and aligned with a design-before-implementation workflow.

Skill content
description: "You MUST use this before any creative work - creating features, building components, adding functionality, or modifying behavior."
Recommendation

Use it when you want a structured design discussion; skip or override it if you need a quick, narrow change.

ASI02: Tool Misuse and Exploitation (severity: Low)
What this means

The agent may read project files and create a committed design document in the repository.

Why it was flagged

The skill directs the agent to read repository context and to make a git commit. These actions are purpose-aligned and scoped to a design document, but they are still changes to the local project.

Skill content
- Check out the current project state first (files, docs, recent commits)
- Write the validated design to `docs/plans/YYYY-MM-DD-<topic>-design.md`
- Commit the design document to git
Recommendation

Review the generated design before allowing the file write and git commit, especially in shared or production repositories.

ASI04: Agentic Supply Chain Vulnerabilities (severity: Info)
What this means

The package identity is slightly inconsistent, which may make provenance harder to verify.

Why it was flagged

The skill's internal metadata differs from the registry metadata shown for owner, slug, and version. Because the skill is instruction-only, this is a provenance and packaging note rather than evidence of unsafe runtime behavior.

Skill content
"ownerId": "kn7b7sdwcjy1etamx2zvahc5xx80k8d4", "slug": "brainstorming", "version": "0.1.0"
Recommendation

Prefer installing from a trusted registry entry, and confirm the publisher and version if provenance matters to your workflow.