Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Skill Review
v1.0.1
Review an OpenClaw skill for token efficiency, scriptability, and clean action boundaries; back up first, then improve the skill.
by @kid0114
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (a meta-skill that inspects and improves other skills) aligns with the files present: SKILL.md, checklist, and a review script that inspects SKILL.md, scripts/, and references/. The skill does not request unrelated credentials or binaries. However, the human-readable instructions explicitly say the skill may 'inspect and modify' other local skill folders and that it will 'back up first, then modify' — yet the included script only performs read-only analysis and does not implement backing up or modification. That mismatch between claimed behavior (automatic backups/modifications) and provided tooling is notable.
Instruction Scope
SKILL.md instructs the agent to read target SKILL.md, scripts/, references/, back up the target, and 'improve the skill structure' (modify files). Those operations are local filesystem reads/writes within other skill folders. The included script (scripts/review_skill.sh) only reads and reports — it does not perform backups or changes. Because the instructions permit file modifications but do not provide audited/explicit scripts to do safe backups or changes, an agent given autonomy could make arbitrary edits. The instructions are also somewhat vague about where backups should be stored and what constitutes an acceptable 'improvement'.
Install Mechanism
No install spec and only an instruction/script bundle—lowest risk for arbitrary remote code download. The only executable provided is a small bash script that performs read-only checks and prints heuristics. No external downloads, package installs, or extract steps are present.
Credentials
The skill requests no environment variables, credentials, or config paths. There are no declared secrets or unrelated credentials, which is proportionate to a local-file review task.
Persistence & Privilege
always:false (normal). The SKILL.md explicitly expects a high-permission 'master' agent that can inspect and modify other local skill folders. That need for elevated local filesystem access is coherent for a meta-reviewer tool, but combined with autonomous invocation (disable-model-invocation:false) it raises practical risk: an agent could autonomously change other skills if given permission. This is a power/privilege consideration rather than an immediate technical exploit—limit autonomous write permissions if you want safer operation.
What to consider before installing
This skill is a plausible meta-review tool and includes only a safe read-only helper script, but its SKILL.md asks the agent to back up and modify other local skills without providing an explicit, auditable backup/modify script. Before installing or enabling autonomous invocation:
1) Require explicit confirmation before any file write — prefer the agent to produce patch suggestions rather than applying changes automatically.
2) Add/verify a dedicated backup script that writes backups to a clearly named, access-controlled location and prints the backup path.
3) Limit which agent identities can run this skill with write permission (prefer read-only for general users).
4) Audit any future scripts that actually perform writes before granting run privileges.
If you want minimal risk, use the included review_skill.sh for read-only analysis only and do manual backups and edits yourself.
Like a lobster shell, security has layers — review code before you run it.
Tags: automation · latest · openclaw · review · skill · token