Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name, description, and listed capabilities (error detection, retry, rollback, cleanup, restart) are coherent with an 'auto-healer' skill; there are no unexpected required env vars or binaries declared.
Instruction Scope
The SKILL.md describes monitoring and active remediation (temporary file cleanup, restarting processes, GC, rollback) but is vague about scope, exact operations, file/path/process targets, and confirmation rules. It grants broad discretion to perform potentially destructive system actions without specifying limits, safe-guards, or what counts as authorized.
Install Mechanism
Instruction-only skill with no install spec and no code files reduces supply-chain risk; nothing will be written to disk by an installer step. However, absence of implementation details means behavior depends entirely on the agent's runtime policy and other installed skills.
Credentials
The skill requests no environment variables, credentials, or config paths (proportionate). Still, its described actions imply access to local system state and resources; the SKILL.md does not constrain what system data or processes may be touched.
Persistence & Privilege
always:false and no config-paths requested are good. The default ability for the agent to invoke the skill autonomously (disable-model-invocation:false) combined with the skill's open-ended remediation instructions increases potential impact if the agent acts without user confirmation.
What to consider before installing
This skill is conceptually consistent with an auto-healer but is underspecified and could let an agent perform intrusive actions (delete files, restart services, roll back versions) without clear limits. Before installing or enabling it: 1) Ask the author for concrete implementation details — exactly which files/paths/processes it will touch and what checks/confirmations are required. 2) Require a safe default: read-only diagnostics unless the user explicitly approves each remedial action. 3) Request a whitelist/blacklist of allowed targets and a dry-run mode for changes. 4) Run the skill in a sandbox or staging environment first and review audit logs of any actions. 5) Verify the listed dependency skills and ensure they don’t escalate privileges. If the author cannot provide concrete, narrow rules for what the skill changes, treat it as risky and avoid granting it autonomous, system-level remediation rights.Like a lobster shell, security has layers — review code before you run it.
latestvk97422m1qy8h10dbhq4m29tc2x84nyw1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.