Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Dark-Factory-Agent

v1.0.0

Autonomously validates specifications, runs behavioral tests, generates code, executes tests, and produces cryptographically signed outcome reports.

by Daniel Foo Jun Wei (@danielfoojunwei)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto; Requires wallet
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (validate specs, run behavioral tests, generate code, execute tests, produce cryptographically signed reports) broadly matches the included scripts. However, two important capability mismatches exist: (1) 'cryptographically signed outcome reports' is implemented only as a SHA-256 digest stored in the report (no private-key signature or key management), and (2) the code generation and unit/integration test steps are simulated/stubbed (randomized pass/fail and placeholder generated files) rather than actually invoking a code-generation backend or executing real test suites. These are material gaps between the advertised capabilities and what the code actually performs.
Instruction Scope
SKILL.md instructs running the included Python scripts and references absolute paths like /home/ubuntu/skills/dark-factory/scripts/*. The runtime instructions and scripts operate only on provided specification JSON files and write local outcome reports; they do not read unrelated system files or request credentials. However the docs reference integrating with other skills (intent-engineering, feedback-loop) and a unified orchestrator; those integrations are only procedural examples and not implemented here. Also the orchestrator does not actually execute generated source code or run real test frameworks — it simulates those steps.
Install Mechanism
No install spec (instruction-only with bundled scripts). Nothing is downloaded or executed from remote URLs; all code is included with the skill. This minimizes install-time risk.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The code uses only local filesystem I/O for specs and reports and standard library modules (json, hashlib, etc.). No secrets or external credentials are requested or used.
Persistence & Privilege
always:false and default agent invocation are used. The skill writes output files to the specified output directory (creates directories if needed) but does not attempt to modify other skills' config or system-wide settings. Autonomous invocation is permitted by platform default — not a unique risk here.
What to consider before installing
This skill is plausible for local specification validation and mock behavioral testing, but do not assume its reports are cryptographically signed or that generated code is actually compiled/executed. Specifically:
- Cryptographic signing: The orchestrator embeds a SHA-256 digest of the report and states 'In production, sign with a private key'; there is no private-key signing or key management. A SHA-256 digest alone does not provide non-repudiation. If you need verifiable signatures, add a real signing step and secure key storage.
- Code generation & test execution: The code-generation and test stages are placeholders that simulate success/failure with randomness and return stub files; the orchestrator does not run the generated source through a test runner or execute the generated binaries. Do not rely on this skill for real CI verification without replacing stubs with real generation and test execution.
- Hard-coded paths: SKILL.md examples use absolute paths under /home/ubuntu/skills/...; ensure the runtime environment matches or adjust paths, since running the scripts on a different layout may fail.
- Safe usage recommendations: Run the skill in an isolated/sandbox environment, inspect the generated outcome_report.json before trusting it, and treat the report digest as an integrity checksum rather than a cryptographic signature unless you extend the workflow with private-key signing. If you intend autonomous pipeline use with real production specs or secrets, add access controls and integrate real test runners and signing infrastructure first.

Like a lobster shell, security has layers — review code before you run it.

latest: vk974gcb5df05vk87rnabcsw4ad849gsy
