ClawHub

NextFromKnowledge

v1.0.0

Knowledge-to-action skill that turns notes, research, meeting summaries, documents, and knowledge graph outputs into the next action, decision, plan, or expe...

0· 40·0 current·0 all-time
byhaidong@harrylabsj
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included code and CLI: the code distills text and produces next steps, plans, decisions, experiments, and gaps as described. There are no extraneous cloud or platform credentials requested.
Instruction Scope
SKILL.md stays within scope: it instructs how to convert notes/graphs into actions and references local files in the repo. Runtime instructions do not ask the agent to read system-wide config, secrets, or exfiltrate data to third parties.
Install Mechanism
There is no install spec and the repository contains a simple Node.js implementation and a small CLI. No remote downloads, URL-based extracts, or third-party install steps that would write arbitrary code to disk are present.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. package.json only specifies Node engine requirements. The code uses only the filesystem for reading input and does not access external services.
Persistence & Privilege
always:false and model-invocation defaults are normal. The skill does not modify other skills or system-wide settings and does not request permanent presence or elevated privileges.
Assessment
This skill appears coherent and implements what it claims: a local Node.js text distillation engine and CLI for turning notes into next steps. Before installing or running: (1) review the included files (src/index.js, bin/cli.js, scripts/publish.sh) if you plan to run it on sensitive data — the CLI reads files you point it at and prints output to stdout; (2) avoid piping highly sensitive secrets into the tool unless you trust the runtime environment; (3) the publish script calls a 'clawhub publish' command — only run it if you intend to publish the package; and (4) verify the repository URL in package.json if you want to inspect upstream source history. Otherwise the skill is internally consistent and does not request unexpected permissions or credentials.

Like a lobster shell, security has layers — review code before you run it.

actionvk978mp00fcpsp5mxtjwn5b2qax8432k8decisionvk978mp00fcpsp5mxtjwn5b2qax8432k8experimentvk978mp00fcpsp5mxtjwn5b2qax8432k8knowledgevk978mp00fcpsp5mxtjwn5b2qax8432k8latestvk978mp00fcpsp5mxtjwn5b2qax8432k8planningvk978mp00fcpsp5mxtjwn5b2qax8432k8productivityvk978mp00fcpsp5mxtjwn5b2qax8432k8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧭 Clawdis
OSLinux · macOS · Windows

Comments