ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Lifecycle Protocol

v0.1.1

Lifecycle management for autonomous AI agents — birth, forking, succession, migration, retirement. Maintain agent genealogy with reputation inheritance acros...

0· 49·0 current·0 all-time
by@alexfleetcommander
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (agent lifecycle management) match the runtime dependencies the SKILL.md declares: python3 and pip. Reading/writing a local lifecycle store (.jsonl) is consistent with the stated purpose.
Instruction Scope
The SKILL.md contains clear API examples and only references files in a working directory (lifecycle.jsonl). It does, however, instruct the operator to 'pip install agent-lifecycle-protocol' and asserts 'No network access for core operations' and 'Cannot access files outside your working directory' — these are claims in prose and not enforced by the registry. Since the skill is instruction-only, installing the package is required to execute the described operations; that install step expands the scope to whatever the package contains.
!
Install Mechanism
The registry provides no install spec, yet SKILL.md tells users to pip install a package from PyPI. Installing a package from the network is a supply-chain risk (arbitrary code execution, network I/O, hidden side effects). While PyPI is an expected distribution channel, the registry should either include an install spec or include the implementation. The absence of an explicit install mechanism in the registry but an in-text install instruction is an incoherence that merits caution.
Credentials
The skill requests no environment variables, no credentials, and no special config paths. For a local lifecycle store tool this is proportionate. However, the package you install could request or use other environment data at runtime — this is not visible from the SKILL.md alone.
Persistence & Privilege
The skill does not request always:true and does not declare modifying other skills or global agent configuration. Its operations appear limited to creating and managing local lifecycle records. No elevated persistence is requested in the registry metadata.
What to consider before installing
This skill appears to do what it says, but it asks you to pip install a third-party package that is not included in the registry — that step carries supply-chain risk. Before installing: (1) inspect the PyPI package and its source repository (verify maintainer, recent releases, and code) and check for network calls or file accesses outside the working directory; (2) prefer installing in an isolated environment (virtualenv, container) and pin an audited version; (3) request an explicit install spec or packaged code in the registry if you want the registry to enforce provenance; (4) if you cannot review the package, avoid installing it on sensitive hosts because a package could execute arbitrary code, exfiltrate secrets, or access files beyond what the SKILL.md claims. If the vendor provides a source repo or signed releases, review those to raise confidence.

Like a lobster shell, security has layers — review code before you run it.

latestvk974yja0nmr0f87pbjd7eam6j9848zas

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
Any binpip, pip3

Comments