Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Auto Research Pipeline

v1.0.1

A fully automated pipeline from AutoResearch to a complete project (experiments → multi-agent orchestration → skill packaging)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill is an instruction-only macro that sequences AutoResearch steps and then invokes an 'agency-agents' orchestrator to complete a project. Requiring no binaries, env vars, or installs is consistent with a lightweight orchestrator that merely calls other skills.
! Instruction Scope
The SKILL.md instructs the agent to run /autoresearch setup/run/analyze and then call /openclaw skill use agency-agents --agent orchestrator "依据分析完成项目". That delegation is intentionally open-ended: the orchestrator is told to 'complete the project' based on analysis, which grants broad discretion to invoke other skills, perform network I/O, modify outputs, and potentially create or package new skills. The instructions do not place constraints, checkpoints, or limits on what the orchestrator may do.
Install Mechanism
No install spec and no code files — instruction-only — so nothing is written to disk by this skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate given it only directs other skills to run; however, the real credential/privilege needs depend on the downstream skills it invokes.
! Persistence & Privilege
always is false, but the skill explicitly initiates an orchestrator agent that may autonomously invoke and coordinate multiple agents and perform 'skill packaging'. This can result in creation/enabling of other skills or wide-ranging actions — a higher-privilege behavior by delegation even though the skill itself doesn't request persistent privileges.
What to consider before installing
This skill is essentially a macro that tells other skills to run and then hands work to an orchestrator agent to 'complete the project.' That is not inherently malicious, but it is powerful and open-ended: the orchestrator could perform network calls, access data, enable or create other skills, or make irreversible changes. Before installing or running it, (1) inspect the implementations/prompts and permissions of the referenced skills (AutoResearch and agency-agents/orchestrator); (2) require manual approvals or breakpoints between stages (do not allow fully autonomous end-to-end runs on your production environment); (3) run it first in a safe sandbox or isolated workspace with no sensitive credentials; (4) restrict what data the orchestrator can access and review audit logs for actions it takes; and (5) avoid providing any secrets or broad credentials unless you have reviewed the downstream agents' behavior. If you can provide the SKILL.md or code for the referenced 'autoresearch' and 'agency-agents' skills, I can give a higher-confidence assessment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97evw0vecxay0zwma6sqj93k583a3rg
