agent creator

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it can create and register new agents, persist learned patterns, and bypass confirmations through an auto-confirm mode, so it deserves careful review before use.

Use this skill only if you are comfortable letting it create and register new agents under your OpenClaw workspace. Keep OPENCLAWS_AUTO_CONFIRM unset, review generated files before deployment, and make sure its persistent memory and update behavior are opt-in, logged, and easy to clear.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

If auto-confirm is enabled, the agent could create and deploy new agents without the normal review pause, including for sensitive domains.

Why it was flagged

This explicitly permits a global bypass of user confirmations, including high-risk review, for a skill that deploys new agents and writes into the OpenClaw workspace.

Skill content
`OPENCLAWS_AUTO_CONFIRM`: (optional, extremely unsafe) if set to `true`, all user confirmation steps are skipped (including review of high-risk points).
Recommendation

Do not enable OPENCLAWS_AUTO_CONFIRM except in an isolated test environment; require an explicit final confirmation and preferably show a file diff before deployment.

ASI10: Rogue Agents
Medium
What this means

The skill may influence future generated agents through ongoing updates or memory changes that are not tied to a specific user confirmation.

Why it was flagged

The skill describes recurring automatic self-updates and memory evolution, but the registry presents it as a normal user-invocable instruction-only skill with no always-on capability or install mechanism.

Skill content
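Self-evolution: automatically syncs the latest top-tier standard libraries of 5 industries every month, and failure cases are distilled into optimization memory ... Standards sync: automatically updates the "industry terminology mapping table" and the "public benchmark source list" once a week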
Recommendation

Make all updates manual or explicitly scheduled by the user, log what changed, and provide a way to disable or clear persistent self-evolution data.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Installation or review prompts may understate the access needed for the skill to work.

Why it was flagged

The registry-level metadata does not declare the runtime requirements that the included skill metadata later describes, such as OPENCLAWS_ROOT, git, bash, network access, and workspace writes.

Skill content
Required binaries (all must exist): none ... Required env vars: none ... No install spec — this is an instruction-only skill ... No capability tags were derived.
Recommendation

Declare the required environment variables, filesystem writes, git/bash usage, and network access in registry/install metadata so users see the full capability request before enabling it.

ASI06: Memory and Context Poisoning
Low
What this means

Incorrect, sensitive, or manipulated patterns could be reused when creating later agents.

Why it was flagged

The skill stores persistent summaries that can shape future generations. The metadata says they are desensitized and do not contain raw sensitive data, but persistent reuse still creates poisoning and retention considerations.

Skill content
failure_patterns library: stored in `{OPENCLAWS_DATA}/failure_patterns.json` ... Memory store: Agent Creator's own `MEMORY.md` ... used to optimize the generation strategy.
Recommendation

Store the minimum necessary summaries, clearly mark retrieved/public content as untrusted data, support memory review/deletion, and avoid using stored text as authoritative instructions.