ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Strategic Decision

v1.2.0

CEO/executive-mode strategic decision making. Challenge premises, diagnose problems, design definitive strategies. Four modes: AGGRESSIVE (dream big), SELECT...

0· 59·0 current·0 all-time
byKaiser@kaisersong
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (executive strategic decision-making) align with the runtime instructions: the skill loads local reference documents, runs premise checks, and stores/looks up prior decisions. Creating/reading ~/.strategic-decisions is proportionate to keeping a local decision history. The one surprising element is an explicit reference to another skill's SKILL.md (~/.claude/skills/gstack/office-hours/SKILL.md) to run an 'office-hours' flow — this is plausible integration but is a cross-skill file access note.
Instruction Scope
SKILL.md instructs the agent to run simple shell commands to list/create files in ~/.strategic-decisions and to 'load' references/cognitive-patterns.md (included in the package). It also tells the agent to read and follow another skill's SKILL.md at a hardcoded path (~/.claude/skills/gstack/office-hours/SKILL.md) if the user requests office-hours. These actions are within the skill's purpose, but they do instruct the agent to access files outside the skill's bundle (another skill's file and the user's home directory), which is a privacy scope consideration rather than an outright incoherence.
Install Mechanism
There is no install spec and no code files to execute. Being instruction-only minimizes installation risk; nothing is downloaded or extracted.
Credentials
The skill requests no environment variables, credentials, or external network endpoints. No secrets are requested or required, which is proportionate for a strategy/advice tool.
Persistence & Privilege
The skill will create and read files under ~/.strategic-decisions to persist prior decisions. That is reasonable for its function but is persistent storage in the user's home directory and should be noted by users who care about local data. The skill does not request elevated privileges, does not set always:true, and does not modify other skills' configurations.
Assessment
This skill appears coherent and low-risk: it is instruction-only, asks for no credentials, and its local file read/write behavior matches its purpose. Before installing, review SKILL.md and decide whether you are comfortable with the agent creating and reading files at ~/.strategic-decisions. If you use the 'office-hours' integration, the skill will attempt to read a hardcoded path (~/.claude/skills/gstack/office-hours/SKILL.md) — verify that file and path are what you expect. If you are concerned about privacy, run the skill in an environment where the agent's file access is limited or back up/inspect ~/.strategic-decisions after use. If you want to be extra cautious, search the SKILL.md for any other hardcoded paths or external endpoints before enabling the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk972xnw5kwasa9zwwamhv0qw6183hf6r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments