ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Kanban

v1.0.0

Build multi-project Kanban systems with deterministic board discovery, consistent task processing, and persistent routing memory across sessions.

0· 531·7 current·7 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description (multi-project Kanban with persistent routing memory) match the instructions: all required actions are limited to creating, reading, and updating local board/memory files under ~/kanban/ or a workspace .kanban/. No unrelated binaries, credentials, or services are requested.
Instruction Scope
SKILL.md and the auxiliary documents only instruct the agent to resolve project context, follow discovery rules, validate/repair board files, and update local index/memory/log files. The instructions do not ask the agent to read arbitrary system files, access network endpoints, or transmit data externally. They do require the agent to determine the 'current workspace root' (expected for workspace-local mode) and to read/write the specified Kanban paths.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. Nothing is downloaded or written by an installer, so there is no install-time risk.
Credentials
The skill requests no environment variables or credentials. Its file access is limited to the declared Kanban locations (~/kanban/ or {workspace}/.kanban/), which is proportionate to its purpose. The memory/index files explicitly say not to store secrets.
Persistence & Privilege
The skill is not marked always:true and does not request elevated or platform-wide persistence. It writes its own local files (memory/index/projects) which is expected behavior for maintaining Kanban state and is scoped to the declared directories.
Assessment
This skill appears to do only local Kanban bookkeeping. Before installing, confirm you are comfortable with the agent reading and writing files under ~/kanban/ (or project .kanban/ directories). Ensure the agent process that will run skills has appropriate filesystem permissions (so it can create/read/write those paths) and that you trust it not to be given broader FS/network permissions. If you need stricter control, ask the agent to keep boards workspace-local or to avoid creating memory files without explicit confirmation.

Like a lobster shell, security has layers — review code before you run it.

latestvk977sv8bv4zy870286c75357bs821ghw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📋 Clawdis
OSLinux · macOS · Windows

Comments