Skill Interview Builder
v1.0.0通过分步访谈引导用户理清需求,最终产出完整的Skill文件包(含SKILL.md、参考文档、示例文件等), 并打包为可直接使用的压缩包。 当用户说"我想通过访谈新建Skill"、"用访谈方式做一个Skill"、"访谈建Skill"、 "通过访谈帮我生成Skill"、"访谈式创建Skill"、"我想访谈做一个XX的...
⭐ 0· 52·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description promise (interview user, collect assets, produce a Skill package) matches the SKILL.md workflow: a stepwise interview, asset collection, and file-package generation. There are no unrelated env vars, binaries, or install steps requested.
Instruction Scope
Instructions legitimately ask the agent to prompt the user, accept uploaded files, save those files into directories, create SKILL.md and other files, and prefer packaging as a zip when environment supports it. This stays within the stated purpose, but the skill assumes file-system and packaging actions — verify where files will be written and that users do not upload secrets or sensitive credentials.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is downloaded or written by an install process, minimizing supply-chain risk.
Credentials
The skill requests no credentials or config paths. It does assume the agent environment may support filesystem writes and zip/bash for packaging; these assumptions are proportional to the goal but mean the skill needs write access to user-chosen paths when used in environments offering that capability.
Persistence & Privilege
always is false and there are no indications the skill modifies other skills or system-wide settings. It may be invoked autonomously (platform default) which is expected; no persistent elevated privileges are requested.
Assessment
This skill appears coherent and does what it says: interview the user and generate a Skill package. Before installing or running it, confirm the execution environment (will it allow file writes and zipping?), choose or approve where files will be written, and avoid uploading secrets or credentials as 'reference' files. If you plan to allow the skill to run in a multi-tenant or hosted environment, restrict where it can write files and disallow automatic execution of any user-uploaded scripts; instead review scripts manually. Finally, verify generated SKILL.md and any scripts before running them in production.Like a lobster shell, security has layers — review code before you run it.
latestvk97eppe0wrvq2qndrag6r8ydn183yyqs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.