Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
落地鸿沟补全器
v1.0.0将 Agent 规划结果补全为可交付、可部署的落地闭环。适用于把蓝图、架构、next actions 写入目标 Agent workspace,并主动推进到平台部署与接入引导。
⭐ 0· 94·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (从规划到落地的闭环) aligns with the instructions to write blueprints, next actions, and deployment guidance into a target Agent workspace. Recommending memory/paths such as memory/reports/ and memory/YYYY-MM-DD.md is proportionate. However, the guidance also recommends writing into `skills/`, which is typically where executable skill code lives — that scope is broader than 'documentation/delivery' and deserves justification.
Instruction Scope
SKILL.md explicitly instructs the agent to create and write files into a target workspace and to '主动推进' to deployment platforms (Telegram, Feishu, Discord). Writing documentation is expected, but targeting `skills/` or adding files that could be treated as skills or code is scope creep and could modify agent behavior. The instructions do not constrain what may be written (e.g., strictly non-executable docs), nor do they require user confirmation before modifying sensitive paths. The doc also implies the agent may request platform/account info during the run — the skill does not declare how such secrets are handled.
Install Mechanism
No install specification and no code files — instruction-only. This is the lowest install risk (nothing is fetched or executed from external URLs).
Credentials
The skill declares no required environment variables or credentials, which is coherent for a documentation/handoff tool. However, the runtime guidance expects the agent to initiate platform onboarding and ask about bots/apps/accounts; that may lead to requests for tokens/credentials at runtime even though none are declared. The absence of declared credential requirements is plausible but the skill should explicitly state how credentials will be requested, used, and stored.
Persistence & Privilege
always:false and normal autonomous invocation are appropriate. The concern is that instructions encourage writing into `skills/` (potentially modifying executable skill code) and target other agents' workspaces; that is effectively granting the skill write access beyond passive documentation. The skill does not require or document user confirmation flows, nor does it limit writes to non-executable docs.
Scan Findings in Context
[no_code_files] expected: Regex scanner found no code files because this is instruction-only; this is expected but means the instructions are the primary security surface.
What to consider before installing
This skill's purpose (turn plans into deliverables and guide deployment) is reasonable, but check two things before installing/using it: 1) Where do the recommended paths map to in your environment? Ensure the agent is only allowed to write non-executable documentation (avoid letting it create/modify files under `skills/` or other directories that contain executable code). Require explicit user confirmation before any write to sensitive paths. 2) Expect the skill to ask for platform credentials or bot tokens during runs; decide where those secrets will be entered and how they'll be stored/audited. If you can't confirm the mapping of workspace paths or you don't want the agent to modify skill code, treat this skill as risky and restrict its write permissions or have it output proposed content for manual review instead.Like a lobster shell, security has layers — review code before you run it.
deliveryvk972hvfn06tb7fb85cwhe5z2md83669bdeploymentvk972hvfn06tb7fb85cwhe5z2md83669bhandoffvk972hvfn06tb7fb85cwhe5z2md83669blatestvk972hvfn06tb7fb85cwhe5z2md83669bskillvk972hvfn06tb7fb85cwhe5z2md83669bworkspacevk972hvfn06tb7fb85cwhe5z2md83669b
License
MIT-0
Free to use, modify, and redistribute. No attribution required.