Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Fully Automated Technical Proposal Writing (技术方案书全自动写作)

v1.0.1

Fully automated technical proposal writing - multi-agent collaboration, checkpoint resume, full automation

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description promise (automatic multi-agent generation with checkpointing and resume) matches what the code and SKILL.md do: scanning projects/, generating chapters, persisting progress.json, creating trigger files and CONTINUE.md, and orchestrating continuation. No unrelated credentials or external services are requested.
Instruction Scope
Runtime instructions and scripts read and write files under ~/.openclaw/workspace/projects and ~/.openclaw/logs, create .trigger-continue and CONTINUE.md, and expect modification of heartbeat/Cron to enable automated continuation. This is within the stated purpose, but the agent will scan your projects directory and may spawn continuation sessions automatically if you enable Cron/heartbeat — a non-technical user should be aware this grants the skill ongoing file-system activity and autonomous runs.
Install Mechanism
No external installers, downloads, or package fetches are required; the skill is instruction-plus-local-scripts only. That lowers supply-chain risk. Files are plain JS scripts and markdown templates bundled with the skill.
Credentials
The skill requests no environment variables or credentials. It operates on local files under the user's OpenClaw workspace, which is consistent with its purpose. No unrelated secrets or system-level credentials are requested.
Persistence & Privilege
Although always:false, the skill's documentation instructs adding Cron tasks and HEARTBEAT checks so it will run periodically and can autonomously spawn continuation sessions (via trigger files and platform session-spawn mechanisms). This gives the skill persistent autonomous behavior on the host if you follow the migration/setup steps — review and control Cron/heartbeat configuration and autoContinue flags before enabling.
Assessment
This skill appears to implement exactly what it claims: automated, multi-agent document generation using files and trigger files under ~/.openclaw. Before installing or enabling automatic operation, do the following:
- Inspect the bundled scripts (continue-executor.js, trigger-continue.js, scripts/*) to confirm you understand what they read and write. They will scan and modify files in ~/.openclaw/workspace/projects and write logs to ~/.openclaw/logs.
- Keep autoContinue disabled (set autoContinue:false in progress.json) until you've tested with a small sandbox project and --dry-run modes (scripts support dry-run).
- The guide recommends adding Cron or heartbeat checks; only enable those if you trust the code. Cron/heartbeat will cause periodic autonomous behavior and session spawns on your instance.
- Run the scripts in a sandbox account or VM first, and back up any existing projects before migrating.
- Note minor code quality issues in some examples (e.g., path expansion usage); these are bugs, not evidence of exfiltration, but test to ensure scripts behave as expected on your platform.
- If you need to be extra cautious, remove or restrict the cron/heartbeat entries and run continuation manually.

If you want, I can point out exact lines in the scripts that create trigger files, update progress.json, or recommend a minimal safe test procedure.

Like a lobster shell, security has layers — review code before you run it.
