Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Office Hours

v1.0.0

YC Office Hours — two modes. Startup mode: six forcing questions that expose demand reality, status quo, desperate specificity, narrowest wedge, observation,...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description (produce design docs, ask forcing questions) align with the SKILL.md instructions (context gathering, diagnostic, producing a design doc). However, the skill's metadata lists no required binaries while the instructions explicitly call out multiple git commands and filesystem operations (git branch, git log, git diff, ls, grep/glob). The missing declaration of git as a required binary is an incoherence.
Instruction Scope
The SKILL.md directs the agent to read repository files (CLAUDE.md, TODOS.md, design docs), run git queries, and map code areas with grep/glob. Those actions are coherent with producing a design doc and are explicitly scoped (the file list and git commands). They are read-oriented, not implementation actions (there is a HARD GATE forbidding code changes). Still, this grants the skill broad read access to the repo and git history, which can contain sensitive data (secrets, credentials, private information).
Install Mechanism
No install spec and no code files — lowest risk for arbitrary code installation. The skill is instruction-only, so nothing is written to disk by an install step.
Credentials
No environment variables/credentials are requested (good). However, the instructions implicitly require git and filesystem access; the registry metadata does not declare required binaries (git), which is inconsistent. Because the skill will read arbitrary files and git history, it could access secrets stored in the repo even though no explicit credentials are requested.
Persistence & Privilege
The "always" flag is false (normal). The skill does not request permanent presence or the ability to modify other skills. Autonomous invocation is allowed (platform default); combined with the skill's repo-reading instructions, that could increase exposure if the agent runs without user confirmation. The SKILL.md's HARD GATE forbids implementation actions, which reduces risk, assuming the agent enforces it.
Scan Findings in Context
[no-regex-findings] expected: The repository scan found no code to analyze — this is expected because the skill is instruction-only and contains a SKILL.md. Absence of findings is not evidence of safety; the SKILL.md itself is the runtime surface.
What to consider before installing
This skill is mostly coherent for producing design documents, but take these precautions before enabling it:
1) Confirm git is present and that you are okay with the agent reading your repository files and git history (commit messages and files can contain secrets).
2) Run it in a sandbox or on a repo copy if you have any sensitive data.
3) Ask the publisher to update metadata to declare git as a required binary so the registry matches runtime requirements.
4) If you are concerned about autonomous runs, keep the skill user-invocable only (do not schedule automatic invocation) or disable autonomous invocation if your platform allows it.
5) Verify the platform enforces the SKILL.md HARD GATE (no code execution/scaffolding) and watch the first session to ensure the agent limits itself to producing a design doc.


latest: vk976vc3k19nv8mv7123wq21d2583a052
