Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Soulforge

v1.4.1

Run high-signal autonomous coding loops with Soulforge (feature-dev/bugfix/review-loop) using strict worktree isolation, review gates, and scoped fix cycles.

Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The declared requirements (soulforge, codex, gh) align with an autonomous coding/PR workflow (orchestration, code-generation, GitHub PRs). However the instructions repeatedly reference the 'openclaw' CLI and the 'claude' executor without listing 'openclaw' or 'claude' as required binaries — a clear mismatch between claimed requirements and what the playbook expects.
Instruction Scope (flagged)
The SKILL.md instructs running commands that will call out to external CLIs (notably 'openclaw agent' in callback-exec examples) and recommends writing state files into worktrees. The example callback embeds an explicit session key string targeting a Slack channel, which would cause external transmission of run/step status. The docs do not declare or justify this credential usage or show how to supply it safely (e.g., via env vars).
Install Mechanism
This skill is instruction-only with no install spec or embedded downloads, so nothing is written to disk by the skill bundle itself. That minimizes installer risk.
Credentials (flagged)
requires.env is empty, yet examples include a hard-coded OpenClaw session key string (agent:cpto:slack:channel:c0af7b05h28) and the playbook refers to CLIs not declared in the metadata. The skill should declare required binaries and any credentials it expects; embedding or implying credentials in examples without declaring them is disproportionate and risky.
Persistence & Privilege
The skill does not request always: true, persistent installation, or modifications to other skills. Autonomous invocation is allowed (platform default) but not combined here with other high-risk privileges.
What to consider before installing
This skill looks like a usable playbook for running Soulforge, but there are mismatches and an unsafe example. Before installing or running:

1) Ask the publisher for source/homepage and a signed release for the soulforge binary; don’t run unknown binaries.
2) Verify you have (or are willing to install) the CLIs the guide actually uses: openclaw and claude in addition to soulforge, codex, and gh; the metadata should list them.
3) Never paste hard-coded session keys or tokens from examples into real commands. The example contains an OpenClaw session key string that would grant a client access to deliver messages to a Slack channel. Prefer passing any session key via a secure env var and audit its scope.
4) Try runs in an isolated test repo/worktree first (no sensitive data) to confirm behavior.
5) If you need to use the callback feature, confirm what data is sent in callbacks and that the receiving agent/channel is trusted.

If the publisher cannot explain the missing required binaries and the embedded session-key example, treat the package as untrusted.


License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

Runtime: 🔥 Clawdis
Bins: soulforge, codex, gh
