ClawHub

pmf-strategy

v1.1.1

When the user wants to validate product-market fit, measure PMF, or plan before scaling. Also use when the user mentions "PMF," "product-market fit," "produc...

0· 53·0 current·0 all-time
byKostja Zhang@kostja94
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (product-market fit guidance) match the SKILL.md content. The skill is purely advisory and does not request unrelated binaries, credentials, or config paths.
Instruction Scope
The SKILL.md is a guidance document telling the agent what outputs to produce (PMF assessment, validation approach, next steps). It does not instruct the agent to read system files, environment variables, or to transmit data to external endpoints outside normal agent behavior.
Install Mechanism
No install spec or code files are present. As an instruction-only skill, it writes nothing to disk and does not fetch external code.
Credentials
The skill declares no required environment variables, credentials, or config paths. There is no disproportionate request for secrets or external service access.
Persistence & Privilege
always:false (expected). disable-model-invocation:false means the agent may autonomously invoke this skill per platform defaults — this is normal for advisory skills. Because the skill requests no credentials or installs, the autonomous-invocation risk is low, but note that the agent could call the skill without an explicit user prompt if platform policies allow.
Assessment
This skill is an instruction-only PMF adviser and appears internally consistent and low-risk: it asks for no credentials and installs no software. Before enabling, decide whether you want the agent to be able to call the skill autonomously (the platform default), and avoid pasting sensitive proprietary data into prompts when consulting any external or third-party skill. If you need stronger control, disable autonomous invocation or review the SKILL.md periodically for updates.

Like a lobster shell, security has layers — review code before you run it.

latestvk97crh4r85yzvm1j143m5ky67184e0xf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments