the king is watching

What to check before installing or running this skill: 1) Inspect translator and runtime execution paths: open overseer/translator.py and overseer/__init__.py (the files that compile/execute translated workflows). Confirm whether the translator executes arbitrary Python, spawns subprocesses, or performs network calls. If it uses exec()/eval() or writes and imports generated .py files, assume arbitrary code execution is possible. 2) Run in an isolated environment first: test the skill in a disposable VM or container with minimal permissions and no sensitive mounted files. That limits damage if generated workflows perform unwanted actions. 3) Check notification integrations: search the codebase for Feishu/Discord/HTTP clients or webhook usage. If you plan to enable notifications, provide tokens only after auditing the implementation and using scoped secrets / webhooks rather than full-account credentials. 4) Review persistence paths and retention: the skill uses a .overseer state directory by default. Confirm where it writes files and whether those files might contain sensitive data. Consider configuring a dedicated state_dir on non-sensitive storage. 5) Be cautious with the one-liner/auto-run features: translate_and_run and auto-generated skill code can create and immediately execute workflows. Prefer the translate→preview→run pattern (translator.explain_plan, Overseer.from_plan) so you can inspect the generated plan before execution. 6) Note oddities in test code: test_overseer.py inserts an absolute path (/root/.openclaw/...) which may indicate assumptions about environment layout; that is not harmful by itself but worth being aware of. If you cannot review the translator/runtime code yourself, treat the skill as untrusted: avoid running it with access to secrets, system-level directories, or production data.