Zoriy Prompt Engineer
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is an instruction-only prompt-writing skill with no code, credentials, install steps, or persistence, though it deliberately adds ClaudeKit Engineer and Context7 instructions to technical prompts by default.
This skill appears safe to install as an instruction-only prompt generator. Review generated prompts for the default ClaudeKit Engineer and Context7 lines, especially if you do not want downstream agents to use those tools or assumptions.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Prompts produced by this skill may cause a downstream agent to assume ClaudeKit Engineer mode or use Context7 documentation workflows by default.
Generated technical prompts will include specific agent-mode and documentation-tool instructions even when the user did not explicitly request them. This is disclosed and bounded by a later rule allowing omission if the user explicitly forbids them, so it is noteworthy rather than suspicious.
For every technical prompt ... you MUST include: 1. ClaudeKit Engineer ... 2. Context7-enabled development ... These are non-negotiable defaults. Never omit them.
If you do not use or trust those tools, explicitly ask the skill to omit ClaudeKit Engineer and Context7 instructions or remove those lines before using the generated prompt.