Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Proactive Agent Skill 1.0.0
v1.0.0 · Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Includes WAL Protocol, Working Buffer, Autono...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's claimed purpose (make agents proactive: WAL, working buffer, heartbeats, autonomous crons) matches the instructions for file-based memory, compaction, and scheduling. However the SKILL.md references running 'openclaw run' and checking 'OpenClaw gateway status' without declaring required binaries or connector credentials, which is an incoherence between declared requirements (none) and the runtime actions it prescribes.
Instruction Scope
Instructions explicitly direct the agent to check email inboxes, calendars, 'system status', and 'OpenClaw gateway status', and to 'log everything' into working-buffer and MEMORY.md. Those actions imply access to user data and external services but the skill does not specify how to authenticate, what endpoints to use, or what filtering/retention to apply. That broad data-collection guidance could result in sensitive information being stored or exposed if operators follow it without guardrails.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, which minimizes direct code-install risk. There is nothing written to disk by an installer here — however the instructions themselves advise creating files and cron jobs at the OS level, which creates persistence later if followed.
Credentials
The SKILL.md implies the need for credentials/connectors to access email, calendar, and the OpenClaw gateway, yet requires.env is empty and no primary credential is declared. That mismatch is disproportionate: actions that access third-party services normally require explicit credential configuration. Also the suggested 'log everything' and long-term MEMORY.md retention raise privacy concerns if sensitive tokens or PII are captured.
Persistence & Privilege
The skill does not request elevated platform privileges, and always:false is set. However, it instructs adding OS-level cron jobs and persistent memory files (SESSION-STATE.md, MEMORY.md, working-buffer.md), which create lasting agent behavior and stored data. This persistent behavior is expected for a proactive agent but increases blast radius if misconfigured.
Scan Findings in Context
[no_regex_findings] expected: The static scanner found no patterns because this is an instruction-only skill with no code files. That is expected, but absence of findings does not guarantee safety — the SKILL.md itself contains operational instructions that need review.
What to consider before installing
This skill is a pattern/template for making an agent proactive (WAL, heartbeats, crons) but it leaves key operational details unspecified. Before installing or adopting it: (1) verify how email/calendar/OpenClaw access will be implemented — do not provide credentials unless you understand the connector and trust the endpoint; (2) inspect and restrict what gets written to working-buffer.md and MEMORY.md (avoid logging credentials or PII; consider encryption or limited retention); (3) review any cron/automation commands before adding them to your system (ensure they run only the intended CLI and with least privilege); (4) ensure 'openclaw' binary or other tools referenced are installed from trusted sources and update the skill metadata to declare these requirements; (5) prefer manual testing in a sandboxed account or environment first. These gaps look like sloppy/overly-ambitious documentation rather than clearly malicious intent, but they could lead to data exposure if followed blindly.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🚀 Clawdis
