ClawHub

Multi Step Workflow

v4.4.5

Professional SOP with Machine-Gated Planning, Native-CLI Config, and Audit-Hardened Private Sandbox Storage.

0· 198·0 current·0 all-time
by@chyern
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binaries (node, openclaw), and included scripts (approve, task-tracker, context-snapshot, path-resolver) are coherent: the skill manages plans, gating, local snapshots, and uses the OpenClaw CLI for its own config entries.
Instruction Scope
Runtime instructions stay local: they instruct running included node scripts and using openclaw config get/set on the skill's own config path. Note: context snapshots include project_root (process.cwd()) and 'findings' as raw data; if enabled, snapshots may store sensitive content from the task (this is documented and default is off).
Install Mechanism
Instruction-only with bundled small scripts and no external download/install steps. No archive downloads or remote install URLs; lowest-risk install footprint.
Credentials
The skill requests no environment variables or external credentials. It uses the OpenClaw CLI to read/write its own config entries, which is appropriate for a skill that can configure sub-agent behavior.
Persistence & Privilege
always is false. The skill writes files only under a per-project /tmp subdirectory it creates with 0700 and sets files to 0600 where possible. It modifies only its own OpenClaw config path as instructed. Autonomous invocation is permitted by default (expected).
Assessment
This skill appears to do what it says: manage multi-step plans, gate execution via an approval script, and optionally save local snapshots. Before installing: 1) Review and be comfortable with openclaw CLI access because the skill reads/writes skills.entries.multi-step-workflow.config; only allow this if you trust the OpenClaw environment. 2) Keep useSnapshots disabled unless you trust local disk: snapshots include project_root and raw 'findings' and could capture secrets from task data. 3) The code is small and local—inspect scripts (approve.js, context-snapshot.js, task-tracker.js, path-resolver.js) yourself; they perform only filesystem ops and set restrictive permissions, and contain no network calls. 4) On non-POSIX filesystems (or restricted environments), chmod behavior may differ—verify file protections meet your requirements. 5) If you expect the skill to spawn sub-agents, verify the OpenClaw config controls are set as you intend (useSubAgents, maxSubAgents) and that the environment prevents unwanted OS/network commands. If you discover any hidden network code or additional required env vars not listed here, re-evaluate (that would raise suspicion).

Like a lobster shell, security has layers — review code before you run it.

latestvk9747h46f6e3bwds2epgnmn0jh84zp3x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsnode, openclaw

Comments