ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Quasi Coder

v1.0.0

Expert 10x engineer skill for interpreting and implementing code from shorthand, quasi-code, and natural language descriptions. Use when collaborators provid...

0· 708·3 current·3 all-time
byJohn Haugabook@jhauga
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (translate shorthand/quasi-code into production code) matches the SKILL.md content. The skill declares no binaries, env vars, or install steps — all consistent with an instruction-only code-generation helper.
Instruction Scope
SKILL.md gives the agent broad, explicit rules for interpreting and replacing shorthand (markers, '()=>', confidence thresholds for changing approaches). This is coherent for a quasi-coding role, but it also gives the agent substantial discretion to transform collaborators' input into production code; users should expect potentially large automated edits and verify changes. The instructions do not instruct reading unrelated system files, secrets, or contacting external endpoints.
Install Mechanism
No install spec and no code files — lowest-risk model: nothing is downloaded or written by an installer as part of skill installation.
Credentials
The skill requires no environment variables, credentials, or config paths. There is no disproportionate request for secrets or external service tokens.
Persistence & Privilege
always:false and default autonomous invocation are set (normal). The skill does not request permanent presence or modifications to other skills or system-wide settings.
Assessment
This skill appears internally consistent for converting shorthand into code, but it gives the agent wide latitude to rewrite or ‘fix’ collaborators’ descriptions. Before using: (1) prefer user-invoked use (don’t enable autonomous edits), (2) keep work under version control and review diffs the skill produces, (3) run tests and security scans on generated code, (4) avoid embedding secrets in shorthand, and (5) ask the agent to request clarifying questions rather than making large assumptions when intent is unclear.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ecwp03h4j69xpzsw664p44h81b7fa

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments