测试212
v1.0.0在任何创造性工作之前必须使用 - 创建功能、构建组件、添加新功能或修改行为。通过协作对话探索用户意图、需求和设计。
⭐ 0· 77·0 current·0 all-time
by@lky115
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name and description match a brainstorming / design-planning skill. The SKILL.md's requested actions (review current project files/commits, produce design docs, and commit them to git) are plausible for this purpose, but the skill does not declare or explain the scope of file access or how git commits will be authenticated.
Instruction Scope
Runtime instructions ask the agent to "查看当前项目状态(文件、文档、最近提交)" and to write into docs/plans/... and commit to git. These are within the skill's purpose but are vague about exactly which files/paths are in-scope and what git operations (automatic commit/push?) the agent should perform. The SKILL.md also requires calling a REQUIRED sub-skill (core-writing-plans) and recommends several others—those sub-skills may expand the agent's actions and should be reviewed.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk by an installer and there are no third-party packages pulled in by the skill itself.
Credentials
The skill declares no required environment variables or secrets, which is consistent with its lightweight nature. However, the intended behavior (reading the project state and committing to git) implies it will access local files and may use the environment's git credentials or SSH keys—these accesses are not declared. Users should confirm whether the agent will be allowed to use local git credentials or push commits.
Persistence & Privilege
always is false and there is no persistent install or self-modifying behavior. The skill requests no elevated platform privileges and does not modify other skills or global agent settings.
Assessment
This skill looks like a normal brainstorming/design assistant and is internally consistent, but it instructs the agent to read the current project (files, docs, recent commits) and to write and commit a design document. Before installing or enabling it, decide and document: 1) exactly which directories/files the agent is allowed to read; 2) whether it should be permitted to create/modify files under docs/ and to run git commit/push, and if so which credentials or keys it may use; 3) review the REQUIRED sub-skill (core-writing-plans) and any recommended sub-skills so you trust their behavior. If you are uncomfortable granting file-system or git access, run the skill in an isolated workspace or request a version that only drafts content and returns it for manual commit.Like a lobster shell, security has layers — review code before you run it.
latestvk97fr7q9wy6htv4vphx3kgq89x83pvg1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.