Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
SpecClaw
v0.6.1Spec-driven development framework for OpenClaw. Propose features, generate specs, spawn coding agents, validate implementations.
⭐ 0· 91·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The scripts and runtime instructions match the stated purpose: orchestrating propose→plan→build→verify workflows, spawning coding agents, creating worktrees/branches, and committing changes. This level of file/VC operations is expected for a spec-driven build orchestrator. Note: the SKILL.md mentions optional GitHub sync and notification integrations (Discord), but the registry metadata declares no required credentials or config paths for those services — a gap between claimed capabilities and declared requirements.
Instruction Scope
Runtime instructions read repository files, generate context payloads (build-context.sh collects listed files up to 500 lines each), create/modify files in .specclaw and the project, spawn coding subagents, run git operations (branch/worktree creation, commits, merges), and run configured test/lint/build commands. All of this is consistent with the skill goal, but it implies the agent will be given broad read/write access to the repo and may run arbitrary build/test commands. The SKILL.md also describes an autonomous 'cron' automation mode that will run builds on a schedule — this is powerful and should be enabled only with care.
Install Mechanism
There is no install spec (instruction-only). Scripts are bundled in the skill and invoked by the agent (via exec). No external downloads/installs are requested by the skill itself, which reduces install-time risk. The presence of many bundled scripts is expected for an orchestrator.
Credentials
The skill declares no required environment variables or primary credential, yet the SKILL.md and templates reference optional GitHub sync (creating/updating Issues) and external notifications (e.g., Discord channels). Those integrations normally require tokens or credentials (GH PAT, Discord webhook/bot token) but none are declared in requires.env. That mismatch could mean the skill expects credentials to exist elsewhere (git remotes/SSH, local environment), or that gh-sync.sh / notification scripts will read undeclared env vars at runtime — both are notable. Also, the skill emits commands that will run your project's test/lint/build commands (configurable in config.yaml) which may require network access or credentials not surfaced by the skill metadata.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable. However it can spawn agents autonomously (default platform behavior) and SKILL.md documents an automation/cron mode that will run builds on its own schedule. Combined with the skill's ability to create branches/worktrees and commit/merge changes, this grants meaningful persistent capabilities over the repository when enabled. There is no sign it tries to modify other skills' configs.
What to consider before installing
This skill is powerful and generally coherent with its purpose, but proceed with caution:
- Review config.yaml before using: the skill will run test/lint/build commands and may auto-commit/merge; ensure commands are safe and auto-merge behavior is acceptable.
- External integrations (GitHub issue sync, Discord notifications) are mentioned but no credentials are declared. Inspect gh-sync.sh and notification-related scripts to see which environment variables or auth methods they use; supply credentials only if you trust the code and repository.
- The skill spawns coding agents that receive file contents (up to 500 lines per file). If your repo contains sensitive secrets, consider cleaning or isolating the repository (or disabling automation) before running builds.
- There's a small path inconsistency in the docs: SKILL.md sometimes references bash skill/scripts/*. The actual scripts are in scripts/. Confirm paths used at runtime (OpenClaw may mount skill files under a different root) so commands invoked by the agent will work as intended.
- Test in a disposable or sandbox repository first. Disable automation/cron until you’ve validated behavior. If you need the GitHub/Discord features, audit the specific scripts (gh-sync.sh, notification code) to confirm what tokens they read and how they transmit data.
If you'd like, I can: (1) list the exact places where external tokens would be needed (search gh-sync.sh, notification code), (2) scan the bundled scripts for code that posts to external endpoints or reads environment variables like GITHUB_TOKEN, DISCORD_WEBHOOK, etc., or (3) summarize what config.yaml options control auto-merge and automation.Like a lobster shell, security has layers — review code before you run it.
latestvk97818fj24x019kk2shv3dnjgd83w0gh
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🦞 Clawdis