Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Proactive Intelligence
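v2.3.1
Proactive intelligence: anticipating needs + self-improvement + smart memory + skill management + skill evolution. Combines the core functionality of proactivity and self-improving, and adds automatic skill upgrade and editing capabilities.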
by changle @cle87937-code
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill claims to analyze, edit, and upgrade other skills — the included code (skill-evolver.py, skill-manager.py) implements exactly that: scanning ~/.openclaw/workspace/skills, backing up, analyzing, and (optionally) fixing files. Access to skill directories and ability to run 'clawhub' is coherent with the stated capability. However, creating/synchronizing arbitrary workspace .md files and writing into ~/proactive-intelligence/ goes beyond a purely passive analyzer and is a write-capable component that the README does not emphasize as a potentially intrusive action.
Instruction Scope
SKILL.md and setup instruct the user to run init.py which will create ~/proactive-intelligence/ and — without interactive confirmation — search ~/.openclaw/workspace/ for *.md and replace strings (old_path -> new_path) and write those files. skill-evolver.py exposes automated fix functionality that can edit skill code (it does prompt via input() when auto_fix is false, but auto_fix can be enabled programmatically). The manager runs shell commands (clawhub) and may suggest or execute installs. These instructions explicitly direct the agent to read and write many user files and to edit other skills' code — operations that are intrusive and high-impact.
Install Mechanism
No external install/download URLs or package installs are declared — this is an instruction+code bundle. There is no high-risk network download step in the install spec. The install is local (run init scripts) so install mechanism itself is low risk compared to remote downloads.
Credentials
The skill declares no environment variable or credential requirements, which is consistent. However, it accesses and modifies user file paths (home/proactive-intelligence, ~/.openclaw/workspace/, skills directory). While these file accesses are necessary for a skill that edits other skills and stores memory, they are significant privileges relative to many skills and should be carefully considered.
Persistence & Privilege
The skill is not 'always: true', but it can be invoked autonomously (default). Combined with the ability to edit other skills, run shell commands, and modify workspace files, autonomous invocation increases blast radius. The SKILL.md claims user confirmation for high-risk operations, but init.py performs potentially wide-reaching modifications automatically during initialization.
What to consider before installing
- This skill intentionally reads and writes files in your home directory (~/proactive-intelligence) and the OpenClaw workspace (~/.openclaw/workspace). init.py will automatically update all top-level .md files in the workspace by doing string replacements — this can silently change many documents.
- The skill includes a 'skill evolver' that can back up, edit, and auto-fix other skills' code. While it prompts before auto-fixing in interactive mode, an automated agent run could call it with auto-fix enabled and modify code without manual review.
- The manager uses subprocess.run(shell=True) to call clawhub and may recommend or execute installs. Shell execution and arbitrary command construction increase risk if the agent is compromised or mis-invoked.
Recommended precautions:
- Inspect the code locally (you already have the files). Look especially at init.py (workspace-wide .md replacement), skill-evolver.fix_issues (what auto-fixes it performs), and any code paths that accept remote input or enable auto_fix.
- Do not run initialization in your main environment. Instead, run in an isolated VM/container or on a throwaway user account to see exactly what files are created/changed.
- Backup your ~/.openclaw/workspace/ and any important .md files before running init.py.
- If you want the functionality but with safer defaults: require explicit confirmations for all write operations, disable autonomous invocation for this skill (if possible), or set policy so the agent cannot run the evolver without manual approval.
- Trust source: the package has no homepage and an unknown source; that increases the need for caution.
Why this is 'suspicious' not 'malicious': the code implements the advertised capability (editing/upgrading skills), so behavior is coherent, but some actions are intrusive and are performed automatically (workspace md sync) or can be automated (code edits and shell commands). Those properties create a meaningful risk that warrants manual review and sandboxing before use.
Like a lobster shell, security has layers — review code before you run it.
