Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenclawContinuousWork 1.0.0

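Comprehensively optimize the OpenClaw conversation experience and strengthen closed-loop task execution. Use when user asks to optimize, work, project, work continuously, don't stop, keep doing, keep working, or wants the assistant to keep pushing forward after receiving an instruction until the task is complete. Also use when the user asks for complete optimization...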

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (continuous optimization) aligns with the included scripts and markdown modules: the bundle contains tools to audit, re-index, graph, detect conflicts, normalize encoding, and run a one-command pipeline. However, the SKILL.md emphasizes changing dialog behavior and continuous autonomous execution at the assistant level while the code operates on repository files; this dual focus (agent behavioral directives + file-modifying maintenance scripts) is plausible but worth noting.
!
Instruction Scope
SKILL.md and References/ContinuousExecutionDirective.md push the agent to 'continuously execute until user confirms termination' and require 10-minute progress reports. The OptimizationDirective explicitly allows modifications/deletions/additions. The provided scripts will rewrite files (e.g., NormalizeEncoding.py, BuildReferenceMap.py, BuildModuleGraph.py) and operate recursively on a user-specified target path. There are no in-band safeguards (no confirmations, no target-restriction) described in SKILL.md, so the agent could be instructed to make broad destructive changes or run indefinitely without further human confirmation.
Install Mechanism
No external install spec or remote downloads; all code is bundled as local Python scripts. This is low install-risk because no external archive/binary is fetched. Scripts are readable and straightforward (no obfuscated code or network calls).
!
Credentials
The skill declares no environment variables or external credentials, which is consistent. However, it implicitly requires read/write access to the agent workspace and arbitrary target paths (the pipeline accepts a target path and will traverse and rewrite files). Given that OptimizationDirective permits modifying/deleting/adding files, that level of filesystem access is significant and not constrained by the SKILL.md (no explicit requirement that target be limited to the skill's own repo).
!
Persistence & Privilege
always is false (good), but SKILL.md contains strong directives that the agent should not stop until user confirmation and should report every 10 minutes. Because the platform allows autonomous invocation by default, these behavioral constraints could cause prolonged autonomous activity. That combination (autonomy + explicit 'do not stop' directive + file-modifying scripts) increases the blast radius compared to a self-contained helper.
What to consider before installing
This skill appears to implement a continuous 'optimization' workflow by scanning and modifying markdown and text files and by instructing the assistant to run persistently. Before installing or enabling it, consider:
1) Run the scripts on a read-only copy or isolated test workspace first to verify what they change (NormalizeEncoding, BuildReferenceMap, RunOptimizationPipeline will write files).
2) Confirm how the agent will be invoked autonomously — request or enforce that the agent must ask for explicit user confirmation before any write/delete operation or before entering a continuous execution mode.
3) If you don't want long-running autonomous behavior, disable autonomous invocation for this skill or remove/soften the 10-minute automatic-report and 'do not stop' directives in SKILL.md.
4) Request that the maintainer add explicit safeguards: a required, validated target whitelist, dry-run mode by default, and interactive prompts for destructive changes.
5) If you lack confidence in the maintainer, avoid granting this skill write access to important directories or run it only in a sandbox.

Like a lobster shell, security has layers — review code before you run it.
