Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Factory
v1.0.5Ajan oluşturma ve ajanlar arası geçiş (v1.0.5 - chromium destekli + tüm yetenekler). Kullanım: - /create_agent İsim - Yeni ajan oluşturur ve config'e ekler -...
⭐ 0· 673·7 current·7 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The skill's name/description (agent creation and switching) align with the provided script and SKILL.md: the script creates an agent workspace and adds an entry into /home/ubuntu/.openclaw/openclaw.json. However, the runtime script requires the 'jq' utility (and standard POSIX tools) even though the skill declares no required binaries—this is an undeclared dependency that should be noted.
Instruction Scope
SKILL.md and the included create_agent.sh instruct the agent/operator to create files under /home/ubuntu/.openclaw/agents/<id>, copy BOOTSTRAP.md if present, create cron scaffolding, and update the global OpenClaw config file. These actions are within scope for an agent-factory skill but they do modify global config and write many files; there is no network exfiltration or external endpoints referenced. Also USER.md contains a hardcoded name ('Tevfik Gülep'), which appears to be a placeholder but may leak personal info if not edited.
Install Mechanism
There is no install spec and no downloads—this is instruction+script only. No remote code is fetched or extracted, which is low risk. The only risk is executing the included script locally; review before running.
Credentials
The skill declares no required environment variables or credentials and the script does not attempt to read secrets or external credentials. SKILL.md mentions gateway-provided API keys/tools (web_search, chromium) as platform features but does not request them; this is proportional.
Persistence & Privilege
The script writes persistent files into the OpenClaw workspace and updates the global openclaw.json to add the agent entry (so the agent becomes part of the system). The skill does not set always:true and does not appear to modify other skills' configs beyond appending an agent object to the global agents list. Because it changes global config, the impact is non-trivial—back up config before running.
Assessment
This skill appears to do what it claims (create agent folders and add an agent to OpenClaw), but review and safety steps are recommended before installing:
- Inspect and optionally run the script locally in a safe test environment first. The script will write files under /home/ubuntu/.openclaw/agents/<id> and update /home/ubuntu/.openclaw/openclaw.json.
- Ensure 'jq' is installed on the host; the script uses jq but the skill metadata does not declare it. Without jq the script will fail or behave unexpectedly.
- Back up /home/ubuntu/.openclaw/openclaw.json before running the script so you can revert unintended changes.
- Edit generated files (especially USER.md which contains a hardcoded personal name) to remove or correct any sensitive or placeholder data.
- Confirm file ownership and permissions after creation so agents cannot escalate privileges or access unrelated data.
If you need higher assurance, run the script in a disposable VM or container, or ask the skill author to declare required binaries and to remove hardcoded personal data.Like a lobster shell, security has layers — review code before you run it.
latestvk977szewehcj88hv3yv9tr116x81g781
License
MIT-0
Free to use, modify, and redistribute. No attribution required.