ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nm Sanctum Update Readme

v1.0.0

Refresh README structure and content using repo context from git-workspace-review

0· 112·1 current·1 all-time
by@athola

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for athola/nm-sanctum-update-readme.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Nm Sanctum Update Readme" (athola/nm-sanctum-update-readme) from ClawHub.
Skill page: https://clawhub.ai/athola/nm-sanctum-update-readme
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Config paths to check: night-market.sanctum:shared, night-market.sanctum:git-workspace-review, night-market.imbue:proof-of-work, night-market.scribe:slop-detector, night-market.scribe:doc-generator
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install nm-sanctum-update-readme

ClawHub CLI

Package manager switcher

npx clawhub@latest install nm-sanctum-update-readme
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the instructions: the SKILL.md describes a README refresh workflow that uses repository context, exemplar research, slop detection, and doc-generation. Requested config paths (git-workspace-review, scribe:slop-detector, scribe:doc-generator) align with the stated purpose. Minor mismatch: the SKILL.md references other skills (e.g., leyline:markdown-formatting) that are not listed in the declared config/requirements.
!
Instruction Scope
The instructions explicitly run or assume local tools and repo access (pwd, git status -sb, rg to read headings, git diff, make docs-update, writing to README.md and /tmp research files). The metadata declares no required binaries, but the runtime steps require git, ripgrep (rg), make, and shell write access to the workspace. The workflow also instructs web searches for exemplars — this involves external network access and may risk accidental disclosure if repo snippets are included in queries. Overall the runtime actions are coherent with the README-editing task but the SKILL.md grants broad file-read/write and network steps without listing them as requirements.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is the lowest install risk — nothing is written to disk by an installer. All activity happens at runtime via instructions.
Credentials
No environment variables or external credentials are requested. The required config paths point to other Night Market skill configs (scribe, sanctum, imbue), which is proportionate to a cross-skill workflow. There are no unrelated secret requests.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent elevation or to modify other skills' configs. Autonomous invocation is allowed (platform default) but not combined here with broad credentials.
What to consider before installing
This skill is coherent with its stated goal, but review before installing: 1) Confirm the agent environment provides the command-line tools the SKILL.md assumes (git, rg/ripgrep, make) — the metadata currently lists no required binaries. 2) Verify you trust the referenced Night Market skills (scribe, imbue, leyline/leyline-like markdown formatter) because the workflow delegates editing and slop-detection to them; note that 'leyline:markdown-formatting' is referenced in the instructions but not declared in metadata. 3) Consider the data-leakage risk of the exemplar web searches — avoid including secrets or code snippets in any external queries or citation uploads. 4) If you need higher assurance, ask the publisher to (a) list required binaries in metadata, (b) declare all plugin dependencies referenced in SKILL.md, and (c) document whether any external search/citation step transmits repository content to third parties. If those gaps are filled and you accept the repo-editing scope, the skill is reasonable to use; absent that, treat it cautiously.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🦞 Clawdis
Confignight-market.sanctum:shared, night-market.sanctum:git-workspace-review, night-market.imbue:proof-of-work, night-market.scribe:slop-detector, night-market.scribe:doc-generator
latestvk97f217f5nfcjvt6rqgr1m8ptd856p58
112downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@athola
latest
Download

Night Market Skill — ported from claude-night-market/sanctum. For the full experience with agents, hooks, and commands, install the Claude Code plugin.

README Update Workflow

When To Use

Use this skill whenever the README requires a structural refresh. Run Skill(sanctum:git-workspace-review) first to capture repo context and diffs.

When NOT To Use

  • Updating inline docs: use doc-updates
  • Consolidating ephemeral reports: use doc-consolidation

Required TodoWrite Items

  1. update-readme:language-audit
  2. update-readme:exemplar-research
  3. update-readme:outline-aligned
  4. update-readme:edits-applied
  5. update-readme:slop-scanned - AI marker detection via scribe
  6. update-readme:verification-reporting

Step 1 - Language Audit (update-readme:language-audit)

  • Confirm pwd, git status -sb, and the baseline branch for reference.
  • Detect dominant languages using repository heuristics (manifest files, file counts).
  • Note secondary languages that influence documentation (e.g., a TypeScript frontend and a Rust backend) so the README can surface both.
  • Record the method and findings.

See modules/language-audit.md for detailed detection patterns and commands.

Step 2 - Exemplar Research (update-readme:exemplar-research)

  • For each primary and secondary language, use web search to locate high-quality READMEs (star count, recency, maintainer activity).
  • Capture 2-3 exemplar repositories per language and summarize why each is relevant (section order, visuals, quickstart clarity, governance messaging, math exposition, etc.).
  • Store citations for every exemplar so the final summary references them explicitly.

See modules/exemplar-research.md for search query patterns and evaluation criteria.

Step 3 - Outline Alignment (update-readme:outline-aligned)

  • Compare current README headings (rg -n '^#' README.md) against patterns observed in exemplars.
  • Draft a target outline covering: value proposition, installation, quickstart, deeper usage/configuration, architecture/feature highlights, performance or math guarantees, documentation links, contribution/governance, roadmap/status, and licensing/security notes.
  • validate internal documents (docs/, specs/, wiki, commands/) are mapped to the relevant sections so the README anchors them with context-sensitive links.

Step 4 - Apply Edits (update-readme:edits-applied)

  • Implement the new structure directly in README.md (or the specified file).
  • Follow Skill(leyline:markdown-formatting) conventions: wrap prose at 80 chars (prefer sentence/clause boundaries), blank lines around headings, ATX headings only, blank line before lists, reference-style links for long URLs.
  • Maintain concise, evidence-based prose; avoid marketing fluff.
  • Add comparison tables, feature lists, or diagrams only if they originate from current repository assets (no speculative content).
  • When referencing algorithms or performance claims, point to benchmarks or tests within the repository or documented math reviews.

Step 4.5 - AI Slop Detection (update-readme:slop-scanned)

Run Skill(scribe:slop-detector) on the updated README to detect AI-generated content markers.

Scribe Integration

The scribe plugin provides AI slop detection:

Skill(scribe:slop-detector) --target README.md

This detects:

  • Tier 1 words: delve, tapestry, comprehensive, leveraging, etc.
  • Phrase patterns: "In today's fast-paced world", "cannot be overstated"
  • Structural markers: Excessive em dashes, bullet overuse, sentence uniformity
  • Marketing language: "enterprise-ready", "cutting-edge", "seamless"

Remediation

If slop score exceeds 2.0 (moderate), apply Skill(scribe:doc-generator) principles:

  1. Ground every claim with specifics
  2. Remove formulaic openers/closers
  3. Use numbers, commands, filenames over adjectives
  4. Balance bullets with narrative prose
  5. Show authorial perspective (trade-offs, reasoning)

For significant cleanup needs, use:

Agent(scribe:doc-editor) --target README.md

Step 5 - Verification & Reporting (update-readme:verification-reporting)

  • Re-read the updated README for clarity, accessibility (section lengths, bullet balance), and accurate links.
  • Run git diff README.md (or the edited file) and capture snippets for the final report.
  • Summarize detected languages, exemplar sources (with citations), key structural decisions, and follow-up TODOs (e.g., add badges, upload diagrams).

Exit Criteria

  • All TodoWrite items are complete.
  • The README reflects a modern, language-aware structure, referencing both internal docs and external inspiration with citations.
  • Research notes and command references are captured so future reviewers can reproduce the process.

Troubleshooting

Common Issues

Documentation out of sync Run make docs-update to regenerate from code

Build failures Check that all required dependencies are installed

Links broken Verify relative paths in documentation files

Comments

Loading comments...