ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Architect Assistant

v1.0.0

Architecture personal assistant — daily news digests, project tracking, research scouting, design concept exploration, client message drafting, and passive p...

0· 47·0 current·0 all-time
byXu Hao-Tian@hao-tian-xu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Most requested behaviors (reading/writing workspace project files, creating digests, loading local procedure templates, researching listed sources) align with an architecture assistant. However, the explicit step to modify workspace/AGENTS.md to enable a passive capture behavior is not strictly required for basic assistant functionality and widens the skill's effective reach.
!
Instruction Scope
SKILL.md instructs the agent to 'continuously listen' during every conversation and 'be invisible'—automatically updating project files without asking. It also directs the agent to treat project files as canonical and to overwrite them if the user 'contradicts' them. This is broad, silent data capture and automatic modification of user files beyond simple on-demand operations.
Install Mechanism
No install spec and no code files are present; the skill is instruction-only. That reduces risk from arbitrary third-party code or downloads.
Credentials
The skill declares no required environment variables, binaries, or external credentials. There are no requested secrets or unrelated service tokens.
!
Persistence & Privilege
The first-run flow explicitly appends a directive to workspace/AGENTS.md to enable passive project-capture during every conversation. That effectively grants the skill persistent, background behaviors and the right to modify agent configuration in the workspace — a meaningful privilege that combines with the 'be invisible' rule to increase risk.
What to consider before installing
This skill mostly does what it says (project files, digests, research), but it asks the agent to silently monitor every conversation and automatically edit project files and AGENTS.md. Before installing: (1) Decide whether you want an assistant that edits files without prompting — if not, don't enable the passive behavior. (2) Back up your workspace (workspace/ and USER.md) so automatic updates can't overwrite important information. (3) Inspect or gate any changes to workspace/AGENTS.md — prefer a manual opt-in so the skill can't enable continuous capture without your explicit confirmation. (4) Confirm project-capture rules (what counts as a decision vs a passing mention) and require the assistant to ask before making significant changes (phase changes, payment status). Because there are no network credentials requested, remote exfiltration risk is low, but the main risk is silent local data capture and unwanted file modifications — treat those as the primary concern.

Like a lobster shell, security has layers — review code before you run it.

latestvk974126aawketp3fd0hev07vy183t6mm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments