ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ai Company Cho

v2.0.0

AI公司首席人力资源官(CHO)技能包(战略层)。AI人才战略、绩效评估体系、激励体系、招聘标准化、劳资关系、Agent全生命周期治理。L4权限。

0· 66·1 current·1 all-time
by@johnsmithfan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, and SKILL.md all describe a strategic CHO role (talent strategy, performance, governance), and the modules and outputs align with that purpose. Declared permissions for file read/write and network API access are plausible for generating and sharing policies. However, the declared mcp abilities (sessions_send, subagents) are not explained in the documentation; creating/controlling subagents is a high-capability feature that is not obviously required for a purely strategic advisory skill.
Instruction Scope
The SKILL.md is instruction-only prose describing processes, outputs, interfaces, and KPIs. It does not contain runtime commands, references to secrets or system paths, nor explicit instructions to read arbitrary host files or call external endpoints. The documented behavior stays within the HR/governance domain.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only. That reduces installation risk because nothing is downloaded or executed on install.
!
Credentials
No environment variables or external credentials are requested (good). But the permissions block grants file read/write, network: [api], and mcp capabilities. Those permissions permit reading/writing local files and making API calls and — importantly — creating or operating subagents. For a strategy/HR skill this level of operational capability is broader than the written content justifies and could enable wider actions (including exfiltration or autonomous orchestration) if exercised.
Persistence & Privilege
The skill is not marked always:true and does not request persistent installation. However, because model invocation is allowed (platform default) and the skill requests mcp/subagent capabilities plus network and file access, its autonomous invocation could have a larger blast radius than a typical read-only advisory skill. This combination is noteworthy but not by itself a definitive sign of malicious intent.
What to consider before installing
Summary of what to check before installing: - Coherence: The SKILL.md content is consistent with a CHO/governance role (strategy, KPIs, policies). The skill is instruction-only and requests no environment variables or install scripts. - Permission caution: The skill declares file read/write, network API, and mcp (sessions_send, subagents) permissions. Ask the publisher why subagent creation and session sending are needed for a strategic HR skill. If you don't need autonomous orchestration, deny or narrow those permissions. - Metadata mismatch: _meta.json lists a different version/publish fields than SKILL.md. This inconsistency is not proof of malice but suggests the package wasn't carefully packaged — ask for a corrected manifest. - Dependencies: It references other skills (ai-company-ceo, clo, cro, hr). Verify those skills' trustworthiness before enabling inter-skill calls. - Operational controls: If you decide to use it, run it in a restricted environment first (sandbox), require human approval for any CHO_001/CHO_002/CHO_003 escalations, disable or strictly limit subagent creation, and monitor audit logs and network activity. - Least privilege: Only grant file/network/mcp permissions if you understand and accept what they enable. Never provide unrelated credentials; prefer manual human-in-the-loop approval for major personnel actions. If the publisher can explain and justify the need for subagent capability and correct the metadata, confidence in coherence would increase.

Like a lobster shell, security has layers — review code before you run it.

ai-companyvk977h24k7zygtaak9qbcsjsm9s84m5jcchovk977h24k7zygtaak9qbcsjsm9s84m5jchrvk977h24k7zygtaak9qbcsjsm9s84m5jchr-aivk977h24k7zygtaak9qbcsjsm9s84m5jclatestvk974s247degkexxnx4mygpt5t584vem9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments