Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Pipeline
v1.0.0Manages code task workflow by spawning sub-agents for research, coding, reviewing, security audit, testing, and committing with detailed logging and updates.
⭐ 0· 323·1 current·2 all-time
by@curbob
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to orchestrate a development pipeline and log to a project board, which can justify some network calls and metadata updates. However, it also instructs agents to copy 'auth-profiles.json' from the main agent (accessing another agent's auth/config) and to POST to http://10.0.0.40:3000 — neither of these are declared in the skill's requirements. Requesting access to the main agent's credentials is not necessary for basic pipeline coordination and is disproportionate to the stated purpose unless this is explicitly an on-prem, single-tenant setup.
Instruction Scope
The SKILL.md explicitly tells agents to copy 'auth-profiles.json' from the main agent and to POST pipeline logs to an internal board API at a private IP. It also instructs agents to run git diff, build/compile, create branches, and push. Directives to access another agent's auth file and to transmit detailed pipeline data to an undeclared network endpoint expand scope beyond typical orchestration guidance and may lead to leaking credentials or sensitive repo data.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. That reduces installation risk compared with skills that download and execute code.
Credentials
The skill declares no required env vars or config paths yet requires copying 'auth-profiles.json' from the main agent and interacting with a board API. Asking agents to access another agent's auth bundle is a high-privilege action not supported by declared requirements and is disproportionate. There is no guidance about authentication to the board API or planner, nor any least-privilege credential model.
Persistence & Privilege
The skill does not request always: true and is user-invocable (normal). However, it instructs agents to obtain the main agent's auth file (accessing credentials belonging to another agent), which is a privilege escalation of sorts even though the skill itself doesn't persist or modify system-wide configs in its spec.
What to consider before installing
Before installing, ask the skill author for clarifications: (1) Why does the pipeline need 'auth-profiles.json' from the main agent? That grants broad access to the agent's credentials — request a token-based, least-privilege alternative scoped to board/planner actions. (2) What is the board API at 10.0.0.40:3000? Confirm it is an expected internal endpoint (and prefer HTTPS with authentication), or change the URL to a configurable, declared endpoint. (3) Require the skill to declare any config paths or environment variables it needs (so you can review and isolate them). If you must use this skill in production, run it in an isolated environment with minimal permissions, require explicit per-agent credentials, and audit any logs or network traffic to ensure no secrets are being transmitted unexpectedly.Like a lobster shell, security has layers — review code before you run it.
latestvk970qd430pr0yr4k3je5hg073h824hmz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.