ClawAudit verdict

agent-harness-engineer

88
🟢 Trusted
Low risk — reviewed by ClawAudit, behavior matches stated purpose

A scaffold guide for building production AI agent systems with explicit rules against copying reference code and a tiered complexity model; the content is architectural guidance with no network calls or data exfiltration.

⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.

Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives.

security: 0
transparency: 70
maintenance: 70

Findings (14)

Pattern match high

Pipe to python — executes piped content as Python code

SKILL.md · prose · downgraded · | Python

Pattern match high

Possible hardcoded credential

references/01-phase-init.md · prose · downgraded · API_KEY: "sk-ant-xxx

Pattern match high

References sudo — requests elevated privileges

references/08-core-concepts.md · code · sudo

Pattern match high

Recursive delete from root or home — destructive command

references/08-core-concepts.md · prose · downgraded · rm -rf /

Pattern match high

Accesses sensitive system files

references/12-sandbox-advanced.md · prose · downgraded · /etc/passwd

Pattern match medium

Opens WebSocket connection

references/10-mcp-integration.md · code · WebSocket

Pattern match medium

Popular HTTP library — network access

references/01-phase-init.md · code · axios

Pattern match medium

importlib.import_module — dynamic module loading

references/02-phase-llm.md · code · importlib.import_module(

Pattern match medium

Accesses system credential store

references/10-mcp-integration.md · prose · downgraded · Keychain

Pattern match low

References agent configuration files

SKILL.md · prose · downgraded · CLAUDE.md

Pattern match low

References webhook/callback URL

templates/enterprise/python/src/agent/coordinator.py · prose · downgraded · callback_url

Pattern match low

Accesses sensitive environment variables

templates/project-scaffold/nodejs/src/main.js · prose · downgraded · process.env.ANTHROPIC_API_KEY

Pattern match low

References agent memory files

templates/project-scaffold/python/src/agent/memory.py · prose · downgraded · MEMORY.md

Pattern match low

Python os.getenv — reads environment variable

templates/project-scaffold/python/src/main.py · prose · downgraded · os.getenv(

Permissions & capabilities

No declared permissions — minimal attack surface.
