Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
oh my skill, make skill easy!
v1.1.2
Automatically generate and save a reusable skill after AI agent successfully completes a complex task involving 5 or more tool calls. Use this skill whenever...
by Jay@goog
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name and description align with its actions: it reads the conversation, drafts a SKILL.md, and writes files to ~/.openclaw/workspace/skills. Requested runtime resources are minimal (python). Minor incoherence: registry metadata lists no required config paths, yet the SKILL.md assumes and writes into ~/.openclaw/workspace/skills — the config path requirement is not declared.
Instruction Scope
The SKILL.md tells the agent to proactively trigger after complex tasks (even if the user didn't ask), analyze the full conversation, run a desensitization script on session text, and save SKILL.md plus any supporting scripts/files. The desensitization step only explicitly covers session text (not arbitrary uploaded files or scripts), and the skill instructs saving potentially user-supplied scripts and references to disk without mandatory sanitization of those artifacts. Proactive prompting and saving of artifacts increases privacy risk.
Install Mechanism
No install spec (instruction-only with one included helper script). No network downloads or third-party package installs were requested, which is low risk. The included desensitization script is present as a local file.
Credentials
The skill requests only python as a binary and no environment variables or credentials, which is proportionate. However, it expects write access to ~/.openclaw/workspace/skills (not declared under required config paths), and it will read the agent's conversation history — both are reasonable for the stated purpose but should be made explicit in metadata.
Persistence & Privilege
Although always:false, the SKILL.md explicitly instructs the agent to trigger proactively after qualifying workflows. Since model invocation is allowed, this means the skill can repeatedly offer to save workflows and will create persistent files under the user's workspace. Combined with the instruction to save supporting scripts/assets (with limited sanitization), this raises privacy and data-leakage risk.
What to consider before installing
This skill largely does what it claims (auto-generate reusable skills), but proceed cautiously:
1) Understand that it will examine your conversation and may offer to save a skill automatically — disable or limit proactive triggering if you don't want that.
2) The included desensitize.py masks many common secrets in session text, but it only mentions session text — it does not guarantee files, uploaded scripts, or binary data are sanitized. Before letting it save supporting scripts or references, inspect those artifacts yourself.
3) Note the skill writes to ~/.openclaw/workspace/skills (the registry metadata didn't declare this path) — ensure you trust the skill with that directory.
4) If you need stronger privacy, ask the skill author to: (a) declare the config path in metadata, (b) extend desensitization to file contents (and binary-safe handling), (c) avoid proactive saves unless explicitly approved each time.
If you are uncomfortable with automatic saving of workflow artifacts or with the current sanitization guarantees, don't enable the skill or restrict it to manual invocation only.
Like a lobster shell, security has layers — review code before you run it.
latestvk97fqdkgkzfxvaxk7x91p8khkd84gd3t
Runtime requirements
Bins: python
