ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Autoresearch.Bak

v1.0.0

Autonomous experiment loop for AI agents. Use when the user wants to run systematic experiments — optimizing hyperparameters, searching for better configurat...

0· 63·0 current·0 all-time
by@lean-zhouchao·fork of @thomaslwang/autoresearch (1.0.2)·canonical: @thomaslwang/skill-antivirus
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the runtime instructions: the skill needs to modify target files, run a user-provided run command, measure a metric, and use git as a lab notebook. No unrelated credentials, downloads, or surprising services are requested.
Instruction Scope
SKILL.md explicitly instructs the agent to edit files, create a branch, commit changes, run arbitrary run_command, extract metrics, and revert commits on crash. This is expected for an autoresearch tool, but it grants the agent broad filesystem and process power — the skill relies on the human to constrain 'Target Files' and 'Read-Only Files' to prevent the agent from touching secrets or unrelated code.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is downloaded or written by an installer, which reduces supply-chain risk.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. Minor inconsistency: the instructions assume git and shell tooling will be available, but required binaries are listed as 'none' — the runtime implicitly needs git/shell to perform branch/commit/reset and to run the user-provided run command.
Persistence & Privilege
always is false and user-invocable is true (normal). The skill will write autoresearch.config.md and results.tsv and will create/modify git branches and commits — normal for the purpose but potentially destructive if run against important repositories. It does not request system-wide configuration changes or other skills' credentials.
Assessment
This skill is coherent for running automated experiments, but it is powerful and can modify code and run arbitrary commands. Before installing or invoking it: 1) Limit 'Target Files' to only the files you explicitly want the agent to change; add obvious sensitive files (configs, keys, scripts) to 'Read-Only Files'. 2) Do not include secrets or credentials in any target files. 3) Ensure the run command is safe and deterministic (avoid commands that exfiltrate data). 4) Run first in a disposable clone or sandbox/container and back up your repository. 5) Provide strict time budgets and kill timeouts to avoid runaway processes. 6) Note the skill assumes git/shell are available even though no binaries were declared — ensure those tools are present and that the agent has the minimal permissions you intend. If you need the agent to have less privilege, do not give it write access to sensitive files or run it in an environment without network access or secret credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk9745t41emb2nzrqk1mh2f0dzh83aem2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments