Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Continuity Pack

v0.5.0

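Installs reusable continuity templates and a unified install entry point for OpenClaw, supporting three routes: workspace-only, continuity-only, and full continuity. Optionally applies a runtime patch to a matching source tree, enabling a workflow with the same conversation in the foreground, automatic continuation in the background, and silent continuity preparation.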

by XBTMMM @buasakaking
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the delivered artifacts: templates, docs, and scripts for workspace-only, continuity-only, or full continuity (patch + rebuild). The included git/pnpm-based patch workflow is expected for a source-tree patcher.
Instruction Scope
SKILL.md instructs running scripts that can apply git patches and run pnpm builds (expected), but bundled workspace policies (AGENTS.md, SOUL.md, etc.) include rules like 'Don't ask permission. Just do it.' and explicit startup rules directing agents to read workspace files (memory, USER.md, SOUL.md) and to execute without interaction when exec ask=off. Those instructions expand the agent's effective authority and could lead to file reads or local actions beyond what a conservative user would expect.
Install Mechanism
No install spec; package is instruction + scripts. The apply_runtime_patch.py uses git apply and pnpm which is consistent with applying a source patch. No remote downloads or obscure installers are present.
Credentials
The skill declares no required environment variables, credentials, or config paths. The example config contains placeholders (gateway token, API key) but those are not required by the skill itself.
Persistence & Privilege
always:false and no declared credentials. However agents/openai.yaml sets allow_implicit_invocation: true and many workspace files encourage autonomous execution (finish work without waiting, run commands when ask=off). Autonomous invocation plus the 'don't ask' guidance increases risk if the agent is allowed to act without human confirmation; this is a design choice rather than an outright inconsistency, but worth user attention.
What to consider before installing
This pack appears to do what it says: scaffold workspace continuity templates and optionally apply a source-tree patch. Before installing or running the 'full' route, do these steps:

1) Review the scripts (apply_runtime_patch.py, install_continuity_pack.py, bootstrap_workspace.py, continuity_doctor.py) — they run git apply and pnpm build and will modify your source tree.
2) Back up your OpenClaw source/install dist and workspace as the docs advise.
3) Prefer testing in an isolated/test environment first (do not run --apply --rebuild on production).
4) Audit and, if needed, edit AGENTS.md / agents/openai.yaml to remove or soften directives like 'Don't ask permission' and to disable implicit/automatic execution if you don't want the agent to act without explicit user consent.
5) If you are uncomfortable with autonomous execution, only use the workspace-only or continuity-only routes and avoid applying the runtime patch.

If you want a firmer assessment, provide the omitted script contents (install_continuity_pack.py, bootstrap_workspace.py, continuity_doctor.py) so they can be inspected for any unexpected file or network operations.

Like a lobster shell, security has layers — review code before you run it.
