Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Codifica

v1.0.1

Keep context when work moves between agents or between you and a human. Uses the Codifica protocol to give every agent a shared, persistent memory of tasks,...

0 · 555 · 0 current · 0 all-time
by Davide Di Cillo (@davidedicillo)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (shared persistent memory using plain-text files stored in Git) matches the SKILL.md instructions. Requiring git (as a capability the agent must have) is appropriate and proportional.
Instruction Scope
The instructions explicitly direct the agent to read repository files (codifica.json, spec, state files, context.files, referenced artifacts) and to make atomic commits and push changes. That behavior is expected for a Git-based task protocol, but it means the skill will read and write arbitrary files within the repo's declared file_scope and will perform network operations (pull/push). If codifica.json lacks a restrictive file_scope or allowed_agents, the agent may be allowed to modify broad parts of the repo, so confirm those fields before use. The SKILL.md also forbids editing certain sections (human_review, assets/), which mitigates some of that risk.
Install Mechanism
Instruction-only skill with no install spec or downloaded code. This minimizes disk-write and arbitrary code risks.
Credentials
No environment variables or external credentials are declared, which is consistent with a file-based Git protocol. However, the skill implicitly relies on the agent's Git credentials/config (local git author, SSH keys or credential helpers) to pull/push. That implicit dependence is expected but important to recognize: Git operations will use whatever repository/host credentials are available.
Persistence & Privilege
The always flag is false and the skill does not request persistent platform privileges. It instructs the agent to commit changes into the repository (normal for this purpose) but does not modify other skills or system-wide settings.
Assessment
This skill appears to do what it says: coordinate work via plain-text state files committed to Git. Before enabling it:
1) only use it in repositories you trust (no secrets),
2) inspect codifica.json in that repo and confirm file_scope and allowed_agents are restrictive and appropriate,
3) ensure the agent's Git credentials are intentionally scoped (so pushes/pulls can't leak or overwrite sensitive data),
4) prefer running it first in a test repo to verify behavior, and
5) retain human-in-the-loop review for claims/pushes if you need stronger safety.
If codifica.json is missing or permissive, do not let the agent auto-claim or push changes without a human review step.
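A pre-push gate that automates steps 2 and 5 of the checklist above. This is an added example, not code from the Codifica project or the ClawHub scanner: the listing only names the fields file_scope and allowed_agents, so the codifica.json shape (file_scope as a list of glob patterns, allowed_agents as a list of agent names), the sample document, the set of "unrestricted" wildcard values, and the treatment of assets/ as a protected path prefix are all assumptions. It parses the config, reports whether the scope fields are restrictive, and checks a list of paths the agent intends to commit (in practice the output of git diff --name-only) against the scope and the protected areas, so a reviewer sees every violation before anything is pushed.

```python
import fnmatch
import json

# Constructed sample codifica.json. The real schema is not shown on the listing;
# only the field names file_scope and allowed_agents come from the scan text.
SAMPLE_CODIFICA_JSON = """
{
  "file_scope": ["src/**", "docs/*.md"],
  "allowed_agents": ["codex", "claude"],
  "human_review": {"required": true}
}
"""

# Scope values that make file_scope effectively repo-wide (assumed conventions).
WILDCARD_SCOPES = {"*", "**", ".", "/", "**/*"}

# SKILL.md reportedly forbids editing assets/; treating it as a path prefix that
# the agent must never touch is an assumption about how that rule is expressed.
PROTECTED_PREFIXES = ("assets/",)


def load_config(text: str) -> dict:
    """Parse codifica.json. A missing file should be treated as fully permissive
    by the caller, i.e. require human review rather than auto-claim/push."""
    return json.loads(text)


def scope_is_restrictive(cfg: dict) -> list[str]:
    """Return a list of findings; an empty list means file_scope and
    allowed_agents are both present and not wildcarded."""
    problems = []
    scope = cfg.get("file_scope")
    if not scope:
        problems.append("file_scope missing or empty: agent may modify the whole repo")
    elif any(p.strip() in WILDCARD_SCOPES for p in scope):
        problems.append("file_scope contains a repo-wide wildcard")
    agents = cfg.get("allowed_agents")
    if not agents:
        problems.append("allowed_agents missing or empty: any agent may claim tasks")
    elif "*" in agents:
        problems.append("allowed_agents allows any agent")
    return problems


def path_in_scope(path: str, scope: list[str]) -> bool:
    """Glob match against file_scope. fnmatch's '*' also matches '/', so a
    pattern like 'src/*' covers nested paths; keep that in mind when reading
    a scope that was meant to be shallow."""
    return any(fnmatch.fnmatch(path, pattern) for pattern in scope)


def check_changes(cfg: dict, changed_paths: list[str], agent: str) -> list[str]:
    """Gate a pending commit: the committing agent must be listed in
    allowed_agents, and every changed path must be inside file_scope and
    outside the protected prefixes. Returns the list of violations."""
    problems = []
    if agent not in (cfg.get("allowed_agents") or []):
        problems.append(f"agent {agent!r} not in allowed_agents")
    scope = cfg.get("file_scope") or []
    for path in changed_paths:
        if path.startswith(PROTECTED_PREFIXES):
            problems.append(f"{path}: protected path")
        elif not path_in_scope(path, scope):
            problems.append(f"{path}: outside file_scope")
    return problems


if __name__ == "__main__":
    cfg = load_config(SAMPLE_CODIFICA_JSON)
    # Constructed list standing in for `git diff --name-only` output.
    pending = ["src/main.py", "assets/logo.png", "README.md"]
    for finding in scope_is_restrictive(cfg) + check_changes(cfg, pending, "codex"):
        print("BLOCK:", finding)
```

Run it before allowing a push; any non-empty result is a reason to route the change to a human rather than let the agent push. The gate only reasons about paths, so edits to the human_review section inside codifica.json itself still need a reviewer to look at the diff.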


latest: vk973ep09q3gbta9wyn8n0fw1tx81km01


Runtime requirements

Clawdis: Any
bin: git
