Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
SDD Executing Plans
v1.0.0
Executes the spec-plan.md implementation plan, automatically completing tasks and verification steps, with retry logic.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The declared metadata lists no required config paths, binaries, or env vars, but the instructions require reading a workspace config file (.sdd-workspace) and reading/updating spec-plan.md files under {workspace}/spec/. Those are necessary for the stated purpose but were not declared. Additionally, checks/verification steps imply running build/test/verification commands which may need specific binaries (e.g., test runners, compilers) that are not listed.
Instruction Scope
The SKILL.md directs the agent to: read .sdd-workspace, scan and open spec-plan.md files, execute every 'execution' step and run 'check' commands, update the plan files in-place (toggle - [ ] to - [x]), perform retries, and stop on blocking failures. It allows running arbitrary verification commands referenced by the spec but does not enumerate which commands or limit scope, meaning the agent may execute arbitrary system commands or modify many files based on the plan content.
Install Mechanism
This is an instruction-only skill with no install steps or external downloads, so there is no installer risk. However, absence of an install spec increases reliance on the runtime environment matching the skill's unstated requirements.
Credentials
No env vars or credentials are declared, yet the skill requires access to a workspace config path and will read and write files. It may also need access to tools or credentials implicitly (for example, running tests that access network services or private registries). The lack of declared config paths and required binaries is a mismatch and reduces transparency about what the skill can access or needs.
Persistence & Privilege
The skill is not 'always' and does not request persistent platform-level privileges, but it explicitly writes to user-owned files (updating spec-plan.md in-place). That is a significant side-effect: installing/enabling the skill grants it the ability to change plans and mark steps completed. This is expected for a plan-execution tool, but it should be clearly declared and made explicit to the user.
Scan Findings in Context
[no_regex_findings] expected: The scanner found no code files to analyze (instruction-only SKILL.md). This is expected for an instruction-only skill, but lack of code does not eliminate runtime risks because the instructions require filesystem writes and command execution when run by the agent.
What to consider before installing
This skill will read and modify files in your OpenClaw workspace (it expects a .sdd-workspace pointing to {workspace} and will update spec-plan.md in-place). Before enabling it: (1) confirm where .sdd-workspace should live and that you trust the plans it will run; (2) back up your spec/ directory or run the skill on a copy, since it will change checkboxes and may create/modify files; (3) ask the author to declare required config paths and any binaries/tools the verification steps need (tests/build tools, etc.); (4) prefer interactive/manual execution or require explicit user confirmations if you are uncomfortable with fully autonomous changes; and (5) review the spec-plan.md contents to ensure the verification steps do not execute unexpected system/network commands. If those gaps are not resolved, treat the skill as risky to run autonomously.
