Revenue-First Solofounder Studio
v1.0.0A solofounder studio using layered agent orchestration to identify, validate, build, and scale revenue-driven products with strict stage-gated governance.
⭐ 0· 74·0 current·0 all-time
byAmol Soans@amoldericksoans
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description align with the provided SKILL.md, template, and spawn script: this is an orchestration-oriented studio that launches OpenClaw agents to collect signals, score opportunities, run council reviews, and validate revenue hypotheses. Minor inconsistency: the README claims 'spawn 40+ agents' but the included script launches a small number of agents; that gap is likely an implementation/marketing mismatch rather than malicious.
Instruction Scope
SKILL.md and scripts instruct the platform to spawn agents that will collect data from external sources (X, Reddit, RSS) and create validation artifacts (landing pages, outputs under revenue-studio/). The instructions are broad and grant agent-run tasks wide latitude (collect, score, build); they do not direct reading of unrelated local files or exfiltration, but their breadth means agents may interact with external APIs/endpoints or create external resources if the platform/agent permits.
Install Mechanism
No install spec and only an instruction file plus a small shell script are included. Nothing is downloaded or written by an installer; risk from install mechanism is low.
Credentials
The skill declares no required environment variables or credentials. However, it explicitly instructs agents to collect data from third-party platforms (X, Reddit) and to create landing pages; those actions often require API keys, posting rights, or external service credentials. The absence of declared env requirements is not necessarily malicious but is worth verifying with the platform (which may provide connectors) to understand where credentials would be supplied and what permissions agents will use.
Persistence & Privilege
always is false and the skill does not request persistent system-level privileges or modify other skills. Autonomous invocation is allowed (platform default) but the skill itself does not request elevated persistence or system-wide changes.
Assessment
This skill is largely instruction-only and appears coherent for orchestrating revenue-focused agent workflows, but review these before installing: (1) Confirm where and how agents will access external services (X/Twitter, Reddit, hosting for landing pages). Make sure API keys or posting credentials are stored and scoped safely by the platform rather than embedded in the skill. (2) Limit agent permissions and test in a sandbox — the instructions are broad and could cause agents to make outbound requests, create pages, or run outreach without further guardrails. (3) Verify resource limits / concurrency: the description promises heavy parallelism but the shipped script is small; understand how many agents the platform will actually spawn and what rate/quotas apply. (4) Ensure audit logging and stage-gate enforcement are enabled so agents cannot skip approval gates or autonomously take monetized actions. If you need higher assurance, ask the author for a detailed runbook showing required connectors/credentials and expected agent behaviors.Like a lobster shell, security has layers — review code before you run it.
latestvk97cy9h0gqka4bv3gc0me9k0vx83pnsv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.