Scan Report
5 /100
plan
Think-first execution with approval gating. Use when work is complex, ambiguous, irreversible, multi-step, worth comparing before choosing, interrupted and needs recovery, or long-running enough to need a living plan.
Pure documentation skill providing a read-only approval-gated planning framework with no executable code or sensitive operations.
Safe to install
This skill is safe to use. It contains only documentation describing a planning methodology with no implementation code.
Findings 1 items
| Severity | Finding | Location |
|---|---|---|
| Info | Toolbox audit concept implies capability not present Doc Mismatch | SKILL.md:241 |
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | Documentation describes read-only exploration before approval |
| Network | NONE | NONE | — | No network operations in code (no code exists) |
| Shell | NONE | NONE | — | No shell execution described or implemented |
| Environment | NONE | NONE | — | No environment variable access described |
| Skill Invoke | NONE | NONE | — | Toolbox audit mentions checking skills but no invocation code exists |
| Clipboard | NONE | NONE | — | No clipboard access described |
| Browser | NONE | NONE | — | No browser access described |
| Database | NONE | NONE | — | No database access described |
File Tree
2 files · 12.7 KB · 372 lines Markdown 2f · 372L
├─
▾
references
│ └─
patterns.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ No executable code - pure documentation/methodology
✓ Explicit read-only stance until user approval
✓ Approval contract clearly defines when actions are permitted
✓ Surprise policy requires stopping and reporting unexpected changes
✓ No credential, file write, or network access operations
✓ No dependencies to audit for vulnerabilities
✓ Documentation is clear and matches the stated purpose