ClawHub

Performance Review Engine

v1.1.0

AI-powered system for creating structured, balanced performance reviews, self-assessments, 360° feedback, and calibration notes across review cycles.

2· 808·2 current·2 all-time
by@1kalin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the SKILL.md and README content: templates, frameworks, and prompts for self-assessments, manager reviews, 360° feedback, calibration, and development plans. The skill requests no unrelated binaries, env vars, or config paths.
Instruction Scope
SKILL.md contains templates, frameworks, prompts, and checklists only — no shell commands, file reads, or explicit network endpoints. However the content is designed to collect and synthesize 360° feedback and calibration data (sensitive employee information). The instructions do not specify how to collect/store that data or what external endpoints to use, so actual data flow depends on the agent's integrations/permissions at runtime.
Install Mechanism
No install specification and no code files — instruction-only. Nothing is written to disk or downloaded by the skill itself, which minimizes technical attack surface.
Credentials
The skill declares no required environment variables, credentials, or config paths. There are no disproportionate secret requests relative to the stated HR review functionality.
Persistence & Privilege
always is false and the skill uses normal autonomous-invocation defaults. It does not request persistent system-wide changes or access to other skills' configs.
Assessment
This skill is coherent and low-risk from a package/installation standpoint because it's instruction-only and asks for no credentials. The main concern is sensitive HR data: do not feed real PII, salaries, or confidential performance details into the skill unless you verify which integrations the agent will use (email, Slack, HRIS, storage) and you trust those connections and retention policies. Test with dummy data first, limit the agent's permissions (sandbox/email drafts rather than sending), review any external links or paid add-ons before sharing data, and ensure compliance with your company's privacy and HR policies.

Like a lobster shell, security has layers — review code before you run it.

360vk976c980344yqmammz7kyybcp9812mn4calibrationvk976c980344yqmammz7kyybcp9812mn4employeevk97d2eja6p9wrfagbmg5qv5bcx813597feedbackvk976c980344yqmammz7kyybcp9812mn4hrvk976c980344yqmammz7kyybcp9812mn4latestvk976c980344yqmammz7kyybcp9812mn4managementvk976c980344yqmammz7kyybcp9812mn4performancevk976c980344yqmammz7kyybcp9812mn4reviewvk976c980344yqmammz7kyybcp9812mn4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments