Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Deepagents Implementation
v1.0.0Implements agents using Deep Agents. Use when building agents with create_deep_agent, configuring backends, defining subagents, adding middleware, or setting...
⭐ 0· 72·1 current·1 all-time
byKevin Anderson@anderskev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (implementing Deep Agents) matches the content: the SKILL.md is a how-to for create_deep_agent, backends, subagents, and middleware. However many examples implicitly rely on external services (OpenAI/Anthropic models, Postgres store, tavily_client search) while the skill declares no required env vars or credentials and provides no provenance (source/homepage missing). This mismatch is unexpected and worth questioning.
Instruction Scope
The instructions explicitly show how to enable FilesystemBackend, which enables an `execute` tool able to run shell commands and read/write absolute file paths. They also demonstrate persistence using PostgresSaver/Store which requires database connection strings. The SKILL.md does not constrain or warn about these powerful capabilities; an agent built per these instructions could access arbitrary host files or execute commands if the filesystem backend is configured that way.
Install Mechanism
No install spec or bundled code is provided (instruction-only). That minimizes the risk of the skill depositing or executing third-party code on disk. The skill only documents usage of external libraries; it does not itself perform downloads or installs.
Credentials
The documentation references several secrets-like values (DATABASE_URL, OpenAI/Anthropic model usage, and an undefined tavily_client) but the skill declares no required environment variables or primary credential. This is a proportionality mismatch: examples will require API keys and DB connection strings in practice, yet the skill does not declare them or explain where/how they will be used or stored.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills. However it documents use of persistent backends (Postgres, StoreBackend, checkpointers) that, if configured by the user with real credentials, will persist conversation state and files. This increases the potential blast radius if a user supplies broad credentials or points the backend at a production database.
What to consider before installing
This is an instruction-only guide for constructing agents with a Deep Agents library. Before using/installing: 1) Be aware that following the examples can enable filesystem access and an `execute` tool that runs shell commands — avoid FilesystemBackend or `execute` unless you explicitly want an agent to access/modify files or run commands. 2) Examples reference external credentials (OpenAI/Anthropic keys, DATABASE_URL, and an undefined web client 'tavily_client') but the skill does not declare or manage them — only provide credentials you trust and isolate (use test DBs, limited-scope API keys). 3) The skill source/homepage is unknown and there are no code files to inspect; if you plan to use the real deepagents library, verify the library's origin and review its code and dependencies. 4) If you need a lower-risk setup, prefer the default ephemeral StateBackend and in-memory checkpointers, and avoid connecting to production databases or granting broad filesystem roots. If you want higher confidence, ask the publisher for provenance (package repo / PyPI name / source code) and an explicit list of required env vars and security implications.Like a lobster shell, security has layers — review code before you run it.
latestvk9724t4b6megr3m5gx9s11s7mn838bvx
License
MIT-0
Free to use, modify, and redistribute. No attribution required.