ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SDD Start Human Verify

v1.0.0

AI 驱动验收执行 — 自主运行 [A] 步骤,对 [H] 步骤调用人类并提供精确的微指令。

0· 128·0 current·0 all-time
by@mahingbun-dev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's capabilities (running acceptance steps, starting services, asking humans for yes/no) are coherent with the name/description. However, SKILL.md expects system tools (bash, ss/lsof, file I/O) and the ability to write files and modify code/.env, yet the registry metadata declares no required binaries or credentials — a mismatch worth noting.
!
Instruction Scope
Instructions tell the agent to execute arbitrary backticked commands found in spec files, run long-lived services in background, poll ports, analyze build failures and autonomously 'fix' code, and immediately write updates to spec-human-verify.md and .env. Those actions grant broad file-system and execution privileges and include open-ended repair behavior with no clear guard rails or limits.
Install Mechanism
This is an instruction-only skill (no install spec, no code files), so there is no installer risk. All runtime risk comes from the SKILL.md instructions themselves.
!
Credentials
The skill declares no required env vars, but the instructions read and may modify .env, workspace files, and project source code. Implicit access to potentially sensitive environment variables or secrets is possible (reading/writing .env), which is disproportionate to the fact that no credentials were declared.
!
Persistence & Privilege
always:false and autonomous invocation are normal, but combined with the skill's power to execute commands, edit files, and start/stop processes, there is a substantial blast radius if it runs autonomously. The skill writes state (updates spec-human-verify.md and .env) and may modify code without explicit, granular consent steps.
What to consider before installing
This skill will execute shell commands found in your repository's spec files, start and stop services, update spec-human-verify.md, and may append variables into .env or modify code while attempting automatic fixes. Before installing or running it: (1) Review every spec-human-verify.md file that the skill might run to ensure it contains only safe commands. (2) Run the skill in an isolated environment (container or CI runner) with no access to secrets or production systems. (3) Backup your repo and .env before use. (4) Prefer running with human-in-the-loop (do not allow fully autonomous runs) and require explicit confirmation before any automatic edits or process kills. (5) If you plan to use it, ensure the machine has required tools (bash, ss or lsof) available and restrict its workspace_path to a safe directory.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a03npyeshdzgtsyd4ayaehd8338cy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments