ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Presale One-pass Orchestrator

v0.1.0

Run or supervise a one-pass Codex implementation with preflight gates, stepwise plan execution, and strict QA defect loop. Use when executing approved presal...

0· 541·0 current·0 all-time
byDima Tsiomo@dtsiomo
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (one-pass presale orchestration with preflight gates and QA loops) matches the instructions: validate readiness, follow plan steps, update verification matrices, and enforce QA. No unrelated binaries, credentials, or installs are requested.
Instruction Scope
The SKILL.md instructs the agent to read and validate artifacts like `project-context`, `verification matrix`, `mid-summary`, and plan files and to update those files. That is consistent with orchestration, but the references are high-level and assume those artifacts exist in the agent's workspace—the skill may therefore search for and modify project files. There are no instructions to contact external endpoints or access unrelated system paths.
Install Mechanism
Instruction-only skill with no install spec and no code files. No packages, downloads, or executable installs are performed.
Credentials
No environment variables, credentials, or config paths are requested. The agent will operate only on project artifacts implied by the instructions; this is proportionate to the stated orchestration task.
Persistence & Privilege
always is false (default) and there is no attempt to modify other skills or system-wide settings. The skill will act within the current run and workspace as an orchestrator.
Assessment
This skill is coherent for managing a one-pass execution of presale plans, but it operates by reading and updating project plan files and verification artifacts in the workspace. Before running it, ensure: (1) the workspace contains only non-sensitive files or that sensitive data is removed, (2) you have backups or version control for plan files the skill may modify, and (3) the meaning/locations of artifacts like `project-context`, `verification matrix`, and `mid-summary` are known and confined to the intended project. If you need stricter controls, run the skill in a restricted environment or review the exact plan files it will act on before allowing modifications.

Like a lobster shell, security has layers — review code before you run it.

latestvk977qk2f2b2a096sjxf7r055v981mjr9latest presalevk977qk2f2b2a096sjxf7r055v981mjr9
541downloads
0stars
1versions
Updated 8h ago
v0.1.0
MIT-0
Dima Tsiomo@dtsiomo
latestlatest presale
Download

Run one-pass only after readiness is explicitly approved.

Preflight

  1. Validate all mandatory docs/configs from project-context.
  2. Validate readiness checklist decision = YES.
  3. Validate no open review comments.
  4. Stop immediately on any failed gate.

Execution protocol

  1. Follow plan steps in order.
  2. After each step, update plan verification matrix and mid-summary.
  3. Keep scope locked; reject out-of-scope additions.

QA defect loop (mandatory)

Apply process from references/qa-defect-loop.md.

Completion

  1. Ensure final summaries exist in all plan files.
  2. Produce changed files + reproducible check commands.
  3. List risks/debts and open questions.

Comments

Loading comments...