Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent-Skills-Creator-SN

v1.0.4

Helps create or refactor OpenClaw skills via a fixed 6-step workflow including material collection, safety reviews, requirement clarification, draft generati...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description match the behavior: a multi-step workflow to create or refactor OpenClaw skills, including safety reviews and draft generation. No declared dependencies (binaries/env/config) are needed to produce a SKILL.md, so the lack of required env vars/binaries is reasonable.
Instruction Scope
SKILL.md instructs the model to accept URLs or pasted SKILL.md content (expected) and to 'search the web' for the latest official skill-creator reference. It also references a local filesystem path (/Users/conanchan/.openclaw/workspace/docs/) as a doc source. These are runtime actions that go beyond the skill's declared requirements: the skill does not state it will access the network or local files, yet the instructions explicitly ask for web searching and imply consulting local docs. This could lead to unintended reading of local files or fetching external content. The automatic output of install instructions that write to ~/.openclaw is expected for skill creation but reinforces that file writes are part of the workflow.
Install Mechanism
This is instruction-only with no install spec or bundled code. That is low-risk from an installation standpoint: nothing will be written or executed by the registry install. Any file writes or commands result from user actions or agent actions later, not from an installer.
Credentials
The skill declares no environment variables or credentials (proportionate). However, instructions invite the model to fetch external URLs or consult local documentation paths; those operations can expose local or remote data. Although no explicit SECRET/TOKEN envs are requested, the model could be prompted or instructed by the user to include sensitive details in generated output if not careful.
Persistence & Privilege
The skill does not request permanent/always-on privileges and is user-invocable. It does produce instructions for creating files under ~/.openclaw when finishing a draft; that is expected for a skill-authoring workflow and is not the same as the skill demanding persistent platform privileges.
What to consider before installing
This skill largely does what it says (a 6-step skill-creation workflow), but there are important caution points:
1) It tells the agent to 'search the web' for official references and to consult a specific local path (/Users/conanchan/...), yet the package declares no network or file access—confirm how your agent will perform web/local reads and whether it will do so automatically.
2) Do not paste secrets, credentials, or private config into the chat or into SKILL.md content you provide; the tool may include pasted content verbatim in generated drafts.
3) Before running any installation commands or creating files (the skill outputs mkdir/nano instructions), review the generated SKILL.md and the install commands; run them in an isolated environment or sandbox if you are unsure.
4) Treat the 'verified by SN✦' stamp as a cosmetic label from this skill—it is not an official platform endorsement.
If you need higher assurance, ask the skill (or its author) to explicitly state whether it will automatically fetch URLs or read local files, and to confirm any network/local I/O is only performed with your explicit permission.

Like a lobster shell, security has layers — review code before you run it.
