Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Feedback-Loop-v2

v1.0.1

A self-improving feedback loop skill that works fully standalone OR integrates with intent-engineering and dark-factory when available. Observes any system o...

by Daniel Foo Jun Wei (@danielfoojunwei)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and code align: the code normalizes inputs, scores performance, generates suggestions and regression tests, and assembles a signed report. Integration points (dark-factory outcome_report.json and intent-engineering specification.json) are implemented and expected; no unrelated credentials, binaries, or external services are requested.
Instruction Scope
Runtime instructions operate on local files (inputs, outcome_report.json, specification.json) and produce local artifacts (observation.json, analysis.json, improvement_report.json, updated_*.json). There is no network I/O or secret-exfiltration code visible. However, the analyzer evaluates 'condition' strings from suggestion_rules.json using Python eval(condition, {}, context). Because rule files are editable and loaded at runtime, a malicious or tampered rules/alignment file could execute arbitrary code in the process context. This is a significant runtime risk if rule files are not strictly controlled.
Install Mechanism
No install spec; the skill is distributed as scripts and reference files. Nothing in the package pulls external archives or runs network installs. Risk from installation is low, but the package includes executable Python scripts that will run on the host when invoked.
Credentials
The skill declares no required env vars, credentials, or config paths. All functionality is driven by local input files and shipped reference files. This is proportionate to the described purpose.
Persistence & Privilege
The skill does not request 'always' presence and does not modify other skills or system-wide agent settings. It writes files to the current working directory (reports, updated observations/specs) as part of normal operation — expected behaviour for a feedback loop tool.
What to consider before installing
This skill appears to implement the claimed feedback loop locally and does not request credentials or network access, but take care before running it on important systems:
1) Inspect suggestion_rules.json and any alignment/weights files before use — they are evaluated with Python eval and can run code if tampered with.
2) Only run the tool on inputs and rule files you trust; do not feed it untrusted outcome_report.json or specification.json without review.
3) Run first in an isolated/sandbox environment (container or VM) and review generated files before promoting them to production.
4) If you will use custom rules, consider replacing the free-form Python expressions with a safer, declarative rule format or restrict eval (e.g., parse conditions rather than eval).
5) Review and version-control the shipped reference files so they cannot be silently modified by third parties.
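Item 4 above recommends parsing rule conditions instead of handing them to eval. The following is one way to do that, added here as an illustration and not code from the skill itself: an AST whitelist that accepts only metric names, constants, comparisons and and/or, and rejects anything else (calls, attribute access, subscripts) before it can run. The rule entries and the metric names (error_rate, latency_ms, accuracy) are constructed samples.

```python
import ast
import operator
# Added example (not the skill's own code): evaluate a rule 'condition' string
# against an AST whitelist instead of eval(condition, {}, context). Only context
# names, numeric/str constants, comparisons and and/or are accepted.
_CMP_OPS = {ast.Gt: operator.gt, ast.GtE: operator.ge, ast.Lt: operator.lt,
            ast.LtE: operator.le, ast.Eq: operator.eq, ast.NotEq: operator.ne}

class UnsafeCondition(ValueError): pass  # syntax outside the whitelist, e.g. a call

def safe_eval_condition(condition, context):
    return bool(_eval(ast.parse(condition, mode="eval").body, context))

def _eval(node, ctx):
    if isinstance(node, ast.Constant) and isinstance(node.value, (int, float, str)):
        return node.value
    if isinstance(node, ast.Name):   # metric lookup only, never a builtin; KeyError if unknown
        return ctx[node.id]
    if isinstance(node, ast.BoolOp):
        values = (_eval(v, ctx) for v in node.values)   # lazy, so it short-circuits like eval
        return all(values) if isinstance(node.op, ast.And) else any(values)
    if isinstance(node, ast.Compare):          # supports chains such as 0.9 <= x <= 1.0
        left = _eval(node.left, ctx)
        for op, comparator in zip(node.ops, node.comparators):
            if type(op) not in _CMP_OPS:       # rejects 'in', 'is' and similar
                raise UnsafeCondition(f"disallowed comparison {type(op).__name__}")
            right = _eval(comparator, ctx)
            if not _CMP_OPS[type(op)](left, right):
                return False
            left = right
        return True
    raise UnsafeCondition(f"disallowed syntax: {type(node).__name__}")

# Constructed rules shaped like suggestion_rules.json entries; the last stands in for a tampered rule.
SUGGESTION_RULES = [
    {"condition": "error_rate > 0.05 and latency_ms >= 200", "suggestion": "add a retry budget"},
    {"condition": "accuracy < 0.9 or accuracy > 1.0", "suggestion": "retrain on recent data"},
    {"condition": "open('observation.json')", "suggestion": "tampered rule"},
]
SAMPLE_CONTEXT = {"error_rate": 0.08, "latency_ms": 250, "accuracy": 0.95}

def fire_rules(rules, context):
    fired, rejected = [], []   # rejected rules are reported, never partially executed
    for rule in rules:
        try:
            if safe_eval_condition(rule["condition"], context):
                fired.append(rule["suggestion"])
        except (UnsafeCondition, SyntaxError, KeyError) as exc:
            rejected.append((rule["condition"], repr(exc)))
    return fired, rejected
```

With the sample context the first rule fires, the second does not, and the tampered third rule is reported as rejected with "disallowed syntax: Call" instead of being executed.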
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/analyzer.py:142: Dynamic code execution detected.



