ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

auto-research-proposal

v1.0.0

Multi-agent research war room. Personas debate in sequential turns through two phases — ideation and proposal writing. Persona persistence and drift detectio...

0· 65·0 current·0 all-time
byZhengxuan Wu@frankaging
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (multi‑agent research war room) matches the actual artifacts: persona files, an orchestration SKILL.md, and a local monitor script. Declared dependencies (other research-related skills) are coherent with the orchestration role. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
The runtime instructions read persona files, other skills' SKILL.md (persistent-persona, memory-checkpoint, etc.), and project memory files; they create/write discussion logs, checkpoint files, and per-agent memos under memory/.private. This is expected for an orchestrator but means the skill will access and persist local project data. It also optionally spawns a terminal and launches monitor.py (OS-specific commands shown). The spawn is optional and the monitor runs locally; however, review of the monitored project contents and the other skills it pulls in is recommended because those SKILLs' instructions will be included in subagent prompts.
Install Mechanism
No install spec is provided (instruction-only plus a local monitor.py). monitor.py requires the 'rich' Python package but the SKILL.md does not auto-install it; the monitor will exit if 'rich' is missing. No downloads from external URLs or package installs are automated by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. All file accesses are within the project memory and skills folder, which aligns with the orchestrator purpose.
Persistence & Privilege
always:false and no indication of modifying other skills' configurations or system‑wide settings. The skill writes its own memory files under the project's memory/ and memory/.private/ directories (expected for session persistence).
Assessment
This skill appears internally consistent with its purpose, but check the following before installing: 1) It will read and write files under your project (memory/, memory/.private/, and discussion logs); avoid running it in projects with secrets or sensitive data. 2) It includes instructions to spawn a local terminal and run monitor.py (uses osascript/xterm) — this is optional and may fail on headless systems. monitor.py requires the Python package 'rich' (pip install rich). 3) The orchestrator reads other skills' SKILL.md (persistent-persona, memory-checkpoint, arxiv-watcher, etc.) and injects their content into subagent prompts — review those dependent skills to ensure they don't introduce unwanted behavior or remote endpoints. 4) No network endpoints, credentials, or installers are required by this skill itself, but be cautious if you later enable remote or networked subagents. If you want extra assurance, review the other skills listed under depends_on and the project memory contents the skill will access.

Like a lobster shell, security has layers — review code before you run it.

latestvk975yzck7sc92mzg2e2r5m478583t04h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments