ClawHub

skill-improvement

v1.0.0

Use when optimizing existing Claude skills, checking skill quality, auditing skill compliance, or when skills have obvious issues. Triggers on skill optimiza...

0· 282·2 current·3 all-time
byJoel Young@acautomata
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (skill improvement / auditing / optimization) align with the requested actions in SKILL.md and references: reading SKILL.md and references, producing diagnostic reports, allowing user selection, applying fixes (with backups), and running verification tests. There are no unrelated env vars, binaries, or opaque install steps requested.
Instruction Scope
Instructions explicitly tell the agent to read SKILL.md and referenced files, generate reports, modify skill files (create .backup, show diffs, apply edits), and dispatch subagents in parallel for verification. This behavior is coherent for a skill-improvement tool, but it grants the skill authority to modify files and spawn subagents — users should expect file writes and background test runs and should review diffs and backups before accepting changes.
Install Mechanism
No install spec and no code files are present. Instruction-only skills that rely on platform capabilities are lower-risk because nothing is downloaded or written beyond the edits the skill itself proposes. No suspicious download or archive operations are present.
Credentials
The skill requests no environment variables, credentials, or config paths. The references mention other skills/dependencies conceptually (e.g., superpowers:writing-skills) but do not require secrets or unrelated credentials — proportional to the stated purpose.
Persistence & Privilege
always:false (normal). The skill's workflow includes modifying skill files, creating backups, and running verification subagents. These are expected for an editor/audit tool, but they do provide write and execution capability within the workspace. If you rely on strict change controls, require manual approval for edits, or restrict background subagent execution, consider enabling review steps or limiting autonomous actions.
Assessment
This skill appears internally consistent and requests no installs or secrets; it will read referenced documentation, create backups, propose and apply edits to skill files, and run verification subagents. Before installing or running it: (1) be prepared to review diffs and change logs — do not accept edits blindly; (2) ensure sensitive credentials are not stored in the skill files it will read or modify; (3) if you have change-control requirements, run the diagnostic/report phases only and do not allow automatic 'Fix selected' actions; and (4) if you want to limit impact, deny background/subagent execution or require explicit user confirmation before applying any edits. If you want stronger guarantees, ask the author for a dry-run mode that only produces reports and diffs without applying changes.

Like a lobster shell, security has layers — review code before you run it.

latestvk97af829rnxrcs9b7bnydaa5nx82dv51

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments