Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Auto Revolution
v2.0.2
Safe publishing variant of Auto Revolution. Provides structured task templates, review prompts, safety scanning, task state updates, and logging for human su...
by Jaden's built a claw @cjboy007
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name, description, and included scripts (task creation, queued activation, security scanning, review trigger, apply-review, logging, lock helpers) align with the advertised 'safe publishing' / supervised-review purpose. It does not request environment credentials or external config. Note: the package references LLM role names (e.g. advanced-model/sonnet, anthropic/claude-sonnet-4-6) but does not request or document API keys — this is plausible for a publishing bundle that expects a platform-level agent, but users should be aware it assumes an external agent/model infrastructure.
Instruction Scope
SKILL.md and scripts otherwise stay within the stated supervised workflow boundaries, but multiple instructions reference scripts or behaviors that are not present (e.g., create-task.js and README mention node scripts/start-reviewer.js and node scripts/start-executor.js; apply-review.js and create-task.js mention node scripts/iron-heartbeat.js). trigger-review.js explicitly recommends an 'automatic (recommended) sessions_spawn' flow to call Sonnet and then auto-apply results — this encourages autonomous invocation despite the package's repeated claim that it avoids autonomous background execution. These inconsistencies grant the agent/user broad discretion and could mislead someone expecting a purely manual, audited flow.
Install Mechanism
No install spec is provided (instruction-only publish bundle). All code is bundled in the package; nothing is downloaded or executed automatically during install, which is the lowest-risk install behavior.
Credentials
The skill requires no environment variables, credentials, or external config paths. It references model names only in config/models.json and prompts; these do not themselves require secrets in the bundle. This is proportionate to a local publishing helper package, but if you intend to integrate with hosted models you will need platform credentials that are not requested here.
Persistence & Privilege
The package does not request always:true or any persistent system-level privileges. It reads/writes files under local tasks/ and logs/ directories only. That level of persistence is expected for a task management helper and is consistent with the stated purpose.
What to consider before installing
This package broadly matches a supervised task-review/publishing helper, but proceed cautiously:
- Do not assume the package is a drop-in complete system: several scripts referenced in README/SKILL.md are missing (start-reviewer.js, start-executor.js, iron-heartbeat.js) — the README and some outputs point to workflows that rely on external components not bundled here.
- Inspect and fix shell scripts before running: force-unlock.sh and unblock-task.sh appear to contain a stray trailing '}' and other minor syntax issues; test them in a safe environment first.
- Beware of implicit automation suggestions: trigger-review.js recommends using sessions_spawn (automatic invocation) as 'recommended'. If you want a strictly supervised flow, avoid using sessions_spawn or any automatic runner that would feed model output back without human review.
- The security scanner is helpful (security-scan.js), but it is pattern-based and not foolproof. Always review any generated 'next_instructions' yourself before executing them.
- Run the scripts in an isolated environment (sandbox/container) with backed-up task/log directories the first time, and validate behavior on sample tasks.
If you plan to use this in production or link it to hosted LLMs, ask the publisher for the missing runner scripts or documentation about the intended orchestration and ensure platform credentials are stored and used outside this package. Fix the reported script syntax issues and verify that automatic invocation paths are intentionally enabled and audited before enabling them.
Like a lobster shell, security has layers — review code before you run it.
