Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Task Panner Validator for Agents

v0.1.0

Provides secure task planning, validation, approval, and execution for AI agents with safety checks, rollback, dry runs, and error handling using pure Python.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (task planning, validation, rollback, dry-run) matches the provided files (task_planner.py, API.md, examples). There are no unrelated required environment variables or binaries.
Instruction Scope
SKILL.md instructs cloning the repo, running tests/examples, and wiring a user-provided executor that may perform API calls, file operations, or shell actions. That is expected for a planner library, but the runtime behavior depends entirely on the executor code and step definitions (which can include destructive file operations). The README and examples explicitly show dangerous operations (delete_files, backup) and saving plans to filesystem paths (including a hard-coded /home/claude path in examples) — the skill itself does not automatically execute those, but an agent using it could if given permissions.
Install Mechanism
No install spec is provided (instruction-only). The SKILL.md recommends git cloning a GitHub repository; no third-party binaries or opaque downloads are requested. Code files are included in the package, so there is no hidden installer or external arbitrary code download required by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. The documentation mentions API orchestration patterns that will require service credentials only when you implement your executor — these are not requested by the skill itself.
Persistence & Privilege
always is false and the skill does not request permanent platform-level privileges. It persists plans to disk via its save/load API (expected for the purpose) but does not modify other skills or global agent configuration.
Assessment
This package looks like a legitimate pure-Python task planner. Before installing/using it:
1) Review the included Python files (task_planner.py, examples) yourself — the planner delegates real work to the executor you provide, so that executor can perform arbitrary actions (APIs, DBs, shell, file deletion).
2) Do not enable auto_approve=True or run untrusted plans with execution privileges on production systems.
3) Watch for hard-coded example paths (e.g., /home/claude) and any plan steps that reference sensitive system paths (/etc, /sys, C:\Windows) or destructive actions.
4) If you clone the upstream repo, confirm the GitHub source and commits; the skill's registry metadata lists an unknown owner and no homepage.
5) Run tests and examples in an isolated sandbox first, and only grant credentials/host access that are strictly necessary to any executor you wire up.
