Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Dark Factory Skill
v1.0.0Manage multiple SaaS startups simultaneously with CEO-driven orchestration, product agents, ChatDev code generation, and a 3-Gate BUILD, TEST, JUDGE pipeline.
⭐ 0· 33·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The SKILL.md describes a complex multi-agent 'factory' that requires an Anthropic (Claude) API key, ChatDev cloning, product repos, and a setup script, but the registry metadata lists no required env vars, no config paths, and no install spec. Requiring a Claude API key and multiple product repositories is consistent with the described purpose, but those requirements are missing from the declared metadata — an incoherence.
Instruction Scope
Runtime instructions tell the agent/user to run 'npx clawhub@latest install dark-factory', execute 'bash scripts/setup-dark-factory-v2.sh', and auto-clone github.com/OpenBMB/ChatDev. Those steps will fetch and run remote code and expect workspace product repos and real data/screenshots. The SKILL.md grants broad operational scope (build/test/judge loops, scheduled retrospectives) without limiting what files or secrets may be accessed during setup or execution.
Install Mechanism
There is no formal install spec in the registry, but SKILL.md instructs use of npx (which downloads and executes code from npm) and cloning a GitHub repository. That implies running arbitrary third-party code during setup; because the registry does not vet or declare these artifacts, the install mechanism is higher risk and opaque.
Credentials
The instructions explicitly require a Claude API key and product repositories, but the skill metadata declares no required env vars or primary credential. This mismatch is problematic: the skill will likely need credentials and repo access to function, yet none are declared for review. The SKILL.md's instruction to use 'real data' for testing also raises potential data exposure concerns.
Persistence & Privilege
always is false (good) and autonomous invocation is allowed (platform default). The skill describes scheduled/continuous processes (weekly retrospectives, L6 engine) which imply persistent activity, but no explicit 'always' privilege is requested. This combination is noteworthy but not by itself a high privilege escalation.
What to consider before installing
This skill's description and its runtime instructions don't match the registry metadata. Before installing: 1) ask the publisher for a complete install spec and an explicit list of required environment variables (e.g., Claude API key) and repository access needs; 2) inspect the actual scripts that 'npx clawhub' and 'scripts/setup-dark-factory-v2.sh' would run — don't run remote install commands without reviewing them; 3) avoid using sensitive production data during initial setup/testing and use dedicated test accounts; 4) prefer an implementation that declares its required credentials and provides reproducible, auditable install artifacts (tagged GitHub releases or a registry-stored package) rather than opaque npx/git cloning. If the publisher cannot provide clear, reviewable code and declared credentials, treat this skill as risky and consider not installing it.Like a lobster shell, security has layers — review code before you run it.
latestvk9730xanepnxm2gfxanb4c0tp1841h9b
License
MIT-0
Free to use, modify, and redistribute. No attribution required.