ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

MOA-Debate

v1.0.0

Run an Oxford Union–style multi-agent debate on any motion using Mixture of Agents architecture

0· 349·0 current·0 all-time
byProfMP3i@markoxmobs
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name and description (multi‑agent Oxford Union debate) match the SKILL.md and reference file: the skill is instruction-only and only defines agent roles, prompts, temperatures, round sequencing, and output schemas. Nothing requested (no env vars, no binaries, no installs) is out of scope for this purpose.
Instruction Scope
The SKILL.md contains many explicit system prompts and strict output constraints (e.g., 'Return ONLY the question', 'Respond ONLY with JSON'), which is expected for orchestrating multiple LLM roles. These same constructs are commonly flagged as prompt‑injection patterns; while legitimate here, they could be abused if the platform does not enforce system‑prompt isolation or if the skill is given sensitive inputs. The instructions do not reference files, env vars, network endpoints, or any external data beyond standard LLM calls.
Install Mechanism
Instruction‑only skill with no install spec and no code files — lowest risk for arbitrary code execution or supply‑chain downloads.
Credentials
No environment variables, credentials, or config paths are required. The skill does not ask for unrelated secrets or system config access.
Persistence & Privilege
always:false and user-invocable:true (defaults). The skill does not request persistent system presence or attempt to modify other skills' configs. Autonomous invocation is allowed by platform default but not a special privilege of this skill.
Scan Findings in Context
[system-prompt-override] expected: The SKILL.md defines explicit system prompts for multiple roles (Proposition, Opposition, Devil's Advocate, Chair, Judge). This is expected for a multi‑agent orchestration skill. Such patterns trigger prompt‑injection detectors because they attempt to control model behavior, so verify that the platform enforces higher‑level system prompt immutability and that these role prompts cannot cause leakage of sensitive context.
Assessment
This skill appears coherent for running simulated Oxford‑style debates: it contains role system prompts, round sequencing, and structured output formats but requests no credentials or installs. The main thing to watch for is prompt‑injection risk: the skill relies on many explicit system prompts and strict 'return only' instructions which are normal here but could be used to override model behavior if the hosting platform does not enforce prompt isolation. Before installing: (1) confirm the platform prevents skill prompts from accessing or leaking sensitive agent/system context, (2) avoid providing any secret or private material as debate motions or examples, and (3) run a few test debates with non‑sensitive motions to verify outputs match expectations. If you need higher assurance, ask the platform vendor whether skill system prompts are sandboxed and whether skills can access other skills' credentials or agent internals.

Like a lobster shell, security has layers — review code before you run it.

#agentsvk974kh6m2p9cncyt1k0ww8w31n81z101#debatevk974kh6m2p9cncyt1k0ww8w31n81z101#oxfordvk974kh6m2p9cncyt1k0ww8w31n81z101latestvk974kh6m2p9cncyt1k0ww8w31n81z101

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments