Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Optimize

v1.0.0

Agent optimization and diagnostic skill. Analyzes the OpenClaw runtime state and identifies problems such as information overload, context accumulation and skill noise. Provides system-level optimization plans that slim down and speed up the agent, addressing the "expensive, slow, messy" complaints. Use when: (1) the agent's responses have become slow, (2) an overly long context is hurting efficiency, (3) too many loaded skills are creating noise, (4) a performance bottleneck needs diagnosing, (5)...

0 · 55 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Overall the files and commands align with an agent diagnostic/optimization tool (it reads sessions, memory, skills and configs). Minor inconsistencies: the registry metadata requires jq although index.js does not use it, and PATHS.npmGlobal is hard-coded to /home/admin/.npm-global/lib/node_modules/openclaw, which is brittle and assumes a specific environment. These are plausibly engineering sloppiness, but worth noting.
Instruction Scope
SKILL.md and src/index.js instruct the agent to read many user files under ~/.openclaw, workspace memory and sessions, and to suggest shell commands that delete files (e.g. find ... -delete), copy backups, and add cron jobs (clawdbot cron add). Those actions are within an optimizer's remit but are potentially destructive. The documentation says user confirmation is required, yet the tool supports --auto-fix and an OPTIMIZE_AUTO_FIX flag that apply fixes automatically; this raises a scope/authority concern if the skill is used without careful confirmation.
Install Mechanism
No external download or install step: the skill is instructions plus a local Node script (src/index.js), which reduces supply-chain risk compared to remote fetches. The code uses child_process.execSync; there are no network downloads in the provided files and no red-flag install URLs.
Credentials
The skill requests no secrets or external credentials and declares optional environment variables (OPTIMIZE_*) that match the behavior in index.js. However, the declared abilities include reading ~/.npm-global and the absolute /home/admin npm global path; the hard-coded admin path could cause the tool to inspect locations outside the current user's home directory. Requesting no sensitive tokens is proportional, but be cautious about the tool reading many local files.
Persistence & Privilege
SKILL.md suggests adding cron jobs (clawdbot cron add) for periodic runs, and the script provides an --auto-fix mode. Although the skill is not set always:true, scheduling a cron job or enabling auto-fix creates persistent actions that modify system state over time. The capability metadata also attempts to deny writes to workspace/.openclaw, yet the instructions include delete operations, a capability/instruction mismatch that could lead to unexpected behavior or inadequate permission checks.
What to consider before installing
What to check before installing or running this skill:
- Review src/index.js locally: confirm exactly which file paths it reads and which delete/archive commands it will run. The script reads ~/.openclaw, workspace memory and sessions, and may suggest or run deletion commands.
- Do not enable automatic fixes on a production system without testing. Leave OPTIMIZE_AUTO_FIX=false (the default) and run the diagnosis to inspect its recommendations first.
- Back up your OpenClaw data (sessions, memory, configs) before applying fixes. The README and SKILL.md include backup examples; run them manually and verify the backups.
- The tool can add cron jobs (persistence). If you do not want scheduled runs, do not run the 'clawdbot cron add' commands, and remove any cron entries it created.
- Note the capability mismatch: the skill declares no write permission to workspace/.openclaw but advises delete commands and cron creation. Ensure the runtime enforces the intended write restrictions, or run the tool in a safe test environment first.
- If you plan to allow autonomous agent invocation (the default platform behavior), be cautious: an agent could invoke this skill and request auto-fix. Prefer manual invocation for the first few runs.
- If anything is unclear, ask the skill author for (1) a justification for the hard-coded /home/admin path and the jq requirement, (2) an explicit explanation of what --auto-fix will change, and (3) whether cron creation requires user consent.
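The first three checks above can be scripted before the skill is ever installed. The script below is an added example, not code from ClawHub or from the Agent Optimize skill: audit_skill greps a skill directory for the pattern classes the scan reports (child_process use, find -delete, cron add, a hard-coded /home/<user>/ path, an auto-fix switch), and backup_openclaw archives an OpenClaw data directory so a fix can be reverted. The rule labels are my own, and make_fixture writes constructed files that only resemble the findings described in the report; the skill's real sources are not reproduced.

```shell
#!/bin/sh
# Added example, not code from ClawHub or from the Agent Optimize skill.
# audit_skill greps a skill directory for the pattern classes the scan above
# reports; backup_openclaw archives an OpenClaw data directory before any fix.
# The rule labels are my own, and make_fixture writes constructed files that
# only resemble the findings described in the report.

# audit_skill DIR
#   Prints "label<TAB>file:line:matched text" per hit.
#   Returns 0 for a clean directory, 1 when anything matched.
audit_skill() {
    dir=$1
    hits=0
    # Each rule is label|ERE; the label is everything before the first '|'.
    for rule in \
        'shell-exec|child_process|execSync|spawnSync' \
        'destructive-delete|find .*-delete|rm -rf' \
        'cron-persistence|cron add' \
        'hardcoded-home|/home/[A-Za-z0-9_-]+/' \
        'auto-fix|OPTIMIZE_AUTO_FIX|--auto-fix'
    do
        label=${rule%%|*}
        pattern=${rule#*|}
        # Only the file types a skill ships: code, instructions, metadata.
        matches=$(find "$dir" -type f \
            \( -name '*.js' -o -name '*.md' -o -name '*.json' \) \
            -exec grep -HnE -- "$pattern" {} + 2>/dev/null) || true
        [ -n "$matches" ] || continue
        hits=1
        printf '%s\n' "$matches" | while IFS= read -r line; do
            printf '%s\t%s\n' "$label" "$line"
        done
    done
    [ "$hits" -eq 0 ]
}

# backup_openclaw SRC DEST
#   Tars SRC (e.g. ~/.openclaw) into DEST and prints the archive path.
#   Run it, and check the listing, before any --auto-fix or delete step.
backup_openclaw() {
    src=$1
    dest=$2
    mkdir -p "$dest"
    out="$dest/openclaw-backup-$(date +%Y%m%d-%H%M%S).tar.gz"
    tar -czf "$out" -C "$src" . || return 1
    printf '%s\n' "$out"
}

# make_fixture DIR
#   Constructed skill files for the demo; they mimic the report's findings
#   (execSync, hard-coded /home/admin path, OPTIMIZE_AUTO_FIX, find -delete,
#   clawdbot cron add) and are not the skill's real sources.
make_fixture() {
    mkdir -p "$1/src"
    cat > "$1/src/index.js" <<'EOF'
const { execSync } = require('child_process');
const PATHS = { npmGlobal: '/home/admin/.npm-global/lib/node_modules/openclaw' };
const autoFix = process.env.OPTIMIZE_AUTO_FIX === 'true';
EOF
    cat > "$1/SKILL.md" <<'EOF'
Stale sessions: find ~/.openclaw/sessions -mtime +30 -delete
Schedule: clawdbot cron add "0 3 * * *" "optimize --auto-fix"
EOF
}

# Stand-alone demo: audit the fixture, then take a backup of it.
demo=$(mktemp -d)
make_fixture "$demo/skill"
audit_skill "$demo/skill" || echo "findings above: review before installing"
backup_openclaw "$demo/skill" "$demo/backups"
rm -rf "$demo"
```

Point audit_skill at the unpacked skill directory instead of the fixture; a non-zero exit means at least one rule fired and the hit lines tell you which file and line to read. The regexes are deliberately broad (any `cron add`, any `/home/<user>/`), so treat a hit as a reading assignment, not a verdict, and run backup_openclaw on the real ~/.openclaw only after confirming the archive listing contains what you expect.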
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
src/index.js:44: Shell command execution detected (child_process).

Like a lobster shell, security has layers — review code before you run it.

latest · vk97aw8qr8062yvg53ymv0m8p0d8464te


Runtime requirements

Bins: node, jq
