ClawHub

Pump

v1.0.0

Design launch momentum before a project goes live. Optimize first-day release logic, trigger sequencing, attention concentration, and breakout timing for pro...

0· 208·0 current·0 all-time
by@agisearch
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (launch momentum, first-day sequencing) match the SKILL.md and skill.json capabilities. The skill requests no binaries, env vars, or config paths — which is appropriate for a planning/advisory tool.
Instruction Scope
SKILL.md gives step-by-step guidance for parsing user-provided launch context, diagnosing weaknesses, and producing a launch plan. It does not instruct the agent to read system files, access environment variables, perform network calls, or exfiltrate data. Guardrails explicitly require asking for missing inputs rather than guessing.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only. That is the lowest-risk model and is coherent with its advisory purpose.
Credentials
No environment variables, credentials, or config paths are requested. The inputs the skill expects are user-provided launch details (audience size, channels, goals), which are appropriate and proportional.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills. Autonomous invocation is allowed (platform default) but there are no additional privileges requested.
Scan Findings in Context
[no_regex_findings] expected: The static scanner found nothing to analyze because this is an instruction-only skill with no code files. That is expected for a purely advisory tool.
Assessment
This skill appears coherent and low-risk: it only gives planning advice and asks for user-provided launch details. Before installing or using it, be prepared to provide non-sensitive inputs (audience size, channels, goals). If the skill or the agent later asks to perform automated posting, access accounts, or provide API keys, treat that as a separate action and do not share credentials unless you trust and verify the integration. Because it is instruction-only, it will not install binaries or run code on disk; still exercise normal caution and avoid sharing secrets in chat unless necessary.

Like a lobster shell, security has layers — review code before you run it.

latestvk971a1g55hb4mkgn8dy4jm0bzn82m4ew

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments