Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Plan Ceo Review

v1.0.0

CEO/founder-mode plan review. Rethink the problem, find the 10-star product, challenge premises, expand scope when it creates a better product. Four modes: S...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name, description, and SKILL.md content are coherent: the skill is an instruction-only 'CEO/founder-mode' plan review assistant with modes and a checklist of evaluation heuristics. The requested outputs (questions to user, diagrams, TODOs, completion states) align with that purpose.
Instruction Scope (flagged)
SKILL.md includes explicit runtime shell commands to detect the base branch (e.g., `gh pr view --json ...` and `gh repo view --json ...`) which mean the agent is expected to access the user's GitHub repo via the GitHub CLI. The skill metadata declares no required binaries, no config paths, and no environment variables, so the instructions overreach the declared scope. The skill also expects the agent to produce files (e.g., TODOS.md) and ASCII diagrams and to examine PR state — actions that involve filesystem and repo access but are not represented in the requirements. This mismatch could cause unexpected repository access or failures if the environment lacks gh or credentials.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That is low-risk from an install perspective because nothing is written to disk by an install step.
Credentials (flagged)
Although the skill declares no environment variables or credentials, its instructions implicitly require GitHub CLI access and authenticated repo visibility (and possibly write access if it expects to create files in the repo). That implicit need for repository credentials/configuration is not declared in requires.env or required config paths, which is disproportionate to the metadata and should be clarified.
Persistence & Privilege
The skill is not marked 'always: true' and does not request elevated platform persistence. It does instruct the agent to create or update artifacts (e.g., TODOS.md, diagrams), which is normal for a review helper, but such file operations are not represented in the skill's declared requirements.
What to consider before installing
This skill appears to be what it says (a CEO-style plan reviewer), but the runtime instructions assume GitHub repository access via the gh CLI and creation of files like TODOS.md while the skill metadata declares no required binaries, credentials, or config paths. Before installing or enabling this skill:
1) Confirm whether the agent environment has the GitHub CLI (gh) and whether you want the skill to run gh commands against your repos.
2) Confirm what authentication (GH token) the agent would use — the skill does not declare or request credentials but will fail or access your repo if gh is present and authenticated.
3) If you do not want repo access, ask the publisher to remove or make the PR/repo checks optional and to declare required binaries/credentials explicitly.
4) If you allow repo access, consider limiting the agent's repo scope (read-only or a sandbox repo) and review any files the skill creates (TODOS.md, diagrams) before committing.
Overall: coherent purpose but operationally ambiguous; treat as safe only if you understand and consent to the implied repository access.
