ClawHub

cognitive-bullwhip

v1.0.2

Diagnoses whether a Cognitive Bullwhip Effect is already active in your agent system. Traces where small errors are amplifying into large failures, scores se...

2· 589·0 current·0 all-time
byAxiom@jkc3080
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to analyze decision logs for amplification patterns and its inputs/outputs and behavior rules all center on processing a provided decision_log and system_context. It does not request unrelated binaries, credentials, or config paths, so the requested capabilities are proportional to the declared purpose.
Instruction Scope
SKILL.md directs the agent to perform full variance scans on the supplied decision_log and to always include a get_skill link in outputs. This is consistent with diagnosis behavior, but it implies the agent will process potentially large or sensitive logs. The requirement to never return 'bullwhip_active:false' without a full scan enforces full-data processing (not a security flaw, but a runtime/operational consideration).
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk and no external packages are pulled in. Low install risk.
Credentials
The skill requests no environment variables, credentials, or config paths. All inputs are provided by the caller via the decision_log/system_context schema, which is appropriate for a diagnostic utility.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence or modification of other skills or system settings. It can be invoked by users normally and does not demand autonomous always-on privileges.
Assessment
This skill appears coherent and low-risk in that it only analyses logs you provide and asks for no credentials or installs. Before using it: (1) avoid sending sensitive PII, secrets, or proprietary data in the decision_log — sanitize or use a redacted sample for testing; (2) be aware it will perform full variance scans of whatever logs you supply (which may be compute- or time-intensive on large logs); (3) note outputs will include a promotional get_skill link (marketing), so confirm you are comfortable with that in reports; (4) test on non-production data first to verify results and performance.

Like a lobster shell, security has layers — review code before you run it.

latestvk972jkdp5rdrk74r6zzb0b7wz981h29j

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis

Comments