ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Session Wrap-Up

v1.0.0

Wrap up a conversation session before starting a new one. Use when the user says "wrap up", "wrap up this conversation", "session wrap up", or uses /session_wrap_up command. Flushes context to memory files, updates PARA notes, commits changes, and provides a summary.

0· 2.2k·13 current·15 all-time
by@branexp
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description align with the instructions: writing session notes, updating long-term memory and PARA notes, and committing changes is coherent for a 'session wrap-up' skill. There are no unrelated environment variables or binaries requested.
!
Instruction Scope
The SKILL.md instructs the agent to write and update files across workspace paths (memory/, notes/, MEMORY.md) and to run git commands. It requires creating and modifying files and then pushing them to the remote. The doc does not define the <workspace> path, does not require confirmation before pushing, and provides no guidance to avoid committing sensitive data.
Install Mechanism
Instruction-only skill with no install steps or downloaded code. This is low-risk from an installation/execution standpoint.
Credentials
No credentials or environment variables are declared (which is reasonable), but the use of git push implicitly relies on existing git credentials/configuration in the environment. Because the skill will push automatically, it can cause remote writes using whatever credentials are present—this is a proportionality concern even though credentials aren't explicitly requested.
!
Persistence & Privilege
Flags show default behavior: the skill is model-invocable (disableModelInvocation not set) and not always-enabled. That means the model could autonomously invoke this skill and trigger automatic commits/pushes without an explicit user confirmation, increasing risk.
What to consider before installing
This skill does what it says (log session notes, update PARA, commit), but it has operational risks you should address before installing. Specific recommendations: (1) Require an explicit workspace path or confirm the repo to operate on; (2) Do not perform automatic git push—change to require a user confirmation before pushing, or make pushes manual; (3) Ensure the agent will not commit secrets or sensitive files (add a clear exclude list or .gitignore guidance); (4) Consider setting disableModelInvocation: true so the model cannot autonomously run the wrap-up routine; (5) Test in a non-sensitive sandbox repo first to observe behavior. If you cannot enforce these safeguards, avoid installing or running this skill in repositories containing sensitive data.

Like a lobster shell, security has layers — review code before you run it.

latestvk975a0ebad8mgt0377pye4wgdh80nnqv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments