Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Quality Verification

v2.4.0

Output quality assurance and verification: post-edit checks, test-before-commit, and session metric measurement. Not applicable to tool retries (use tool-governance) or to an agent stopping early (use execution-loop). See tool-governance (error tracking).

by_silhouette@lanyasheng
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description (quality verification: post-edit checks, test-before-commit, session metrics) match the included scripts and docs. The scripts implement post-edit lint/type checks, per-turn bracket metrics, and an optional test-before-commit gate. Minor inconsistencies: the documentation references environment flags (HARNESS_PROFILE, HARNESS_DISABLED_HOOKS) and a session-cleanup script, but those controls are not consistently enforced across all scripts (for example, many scripts do not check HARNESS_PROFILE), and session-cleanup exists only in the docs.
Instruction Scope
Hook scripts read hook JSON input, run linters and test commands, and write session state under $HOME/.openclaw/shared-context/sessions. test-before-commit.sh will execute project test runners (npm, pytest, cargo, go test, make) which can run arbitrary code from the repository; this is expected for a test gate but is a high-risk action when opening untrusted projects. Scripts do not send data to external endpoints, nor request credentials, but they do invoke local binaries and mutate files under the user's home directory (create/modify bracket.json and other session files).
Install Mechanism
Instruction-only skill with no install spec. All behavior comes from provided scripts; nothing is downloaded or installed automatically by the skill itself.
Credentials
The skill declares no required environment variables or credentials. In practice scripts rely on HOME and NC_SESSION and optionally on TEST_BEFORE_COMMIT, HARNESS_PROFILE, and HARNESS_DISABLED_HOOKS. TEST_BEFORE_COMMIT is intentionally opt-in (feature disabled by default). No external tokens/credentials are requested, which is proportional, but the implicit reliance on HOME for session state and optional env toggles should be noted.
Persistence & Privilege
The skill writes and updates session state under $HOME/.openclaw/shared-context/sessions (creates bracket.json and session directories). That is reasonable for session metrics, but these files persist on disk. The docs describe a session-cleanup script that can delete stale session files and run git worktree prune; this cleanup behavior is documented but not shipped as an executable script in the manifest. The manifest sets always:false and requests no elevated privileges.
What to consider before installing
- This skill runs local linters and project test commands. test-before-commit will execute repository test runners (npm/pytest/cargo/go test/make), which can run arbitrary code from the repo; avoid enabling this on repositories you don't trust. TEST_BEFORE_COMMIT is disabled by default; only set TEST_BEFORE_COMMIT=1 if you understand and accept this behavior.
- The skill writes session state under $HOME/.openclaw/shared-context/sessions (creates/updates bracket.json and session dirs). Review and control permissions for that directory if it is sensitive.
- Documentation mentions runtime profile controls (HARNESS_PROFILE, HARNESS_DISABLED_HOOKS) and a session-cleanup script, but those controls are not consistently enforced across all shipped scripts; expect some manual configuration or code review to align behavior with your security posture.
- Recommended actions: review the three provided scripts (post-edit-check.sh, test-before-commit.sh, bracket-hook.sh), run them in a safe sandbox or test repo first, and keep TEST_BEFORE_COMMIT disabled until you confirm the test and lint commands are safe. If you open untrusted workspaces, disable Bash hooks or enforce a workspace-trust policy so hooks cannot execute repository-provided test code.

Like a lobster shell, security has layers — review code before you run it.

