ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Enhanced Agent Modes

v1.0.0

Provides three modes—Explore (read-only), Plan (analyze before acting), and Verify (check results)—plus feature flags to toggle capabilities dynamically.

0· 41·0 current·0 all-time
by@mayiv-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Skill claims to provide UI/mode semantics, but its instructions also require scanning 'daily memory files', writing WALs, maintaining a working buffer, and spawning background sub-agents — none of which are reflected in declared requirements (no config paths, no storage locations, no credentials). That mismatch is disproportionate to a simple mode-switching helper.
!
Instruction Scope
SKILL.md explicitly instructs the agent to 'scan daily memory files', 'check file contents, command output, API responses', log exchanges in a 'danger zone (>60% context)', and run background 'isolated agentTurn' tasks. Those are broad data-access behaviors (reading and persisting user/context data, periodic tasks) that go beyond read-only mode descriptions and are not narrowly scoped.
Install Mechanism
Instruction-only skill with no install spec and no included code files — nothing will be written to disk by an installer. Low install-supply-chain risk in itself.
!
Credentials
The skill requests no environment variables or config paths but plans to read and consolidate 'long-term memory' and write WALs/working buffers. Absence of declared storage/paths or permission requests is a mismatch: the skill expects access to potentially sensitive files without specifying what or where.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). Several potentially persistent features exist (auto_memory, working_buffer, wal_protocol, autonomous_crons) and some are enabled by default (wal_protocol, working_buffer, deep_thinking, explore_agent, plan_agent). If a user enables autonomous_crons or auto_memory, the skill could cause background tasks or periodic scans — that increases risk but is not enabled by default.
What to consider before installing
This skill's behavior is internally inconsistent: it tells the agent to read and persist memory files, log context when session size is high, and run background sub-agents — yet it declares no config paths, storage locations, or permissions. Before installing or enabling features, ask the publisher (or require in your environment) for: (1) exact locations and formats of any 'memory' or log files the skill will read/write, (2) where WALs/working_buffer data are stored and who can access them, (3) whether background tasks make network calls or spawn other agents, and (4) a provenance/homepage or source repo for code review. If you must try it, keep auto_memory and autonomous_crons disabled, review/disable working_buffer and wal_protocol defaults, and avoid enabling features that allow background autonomous tasks until you have explicit storage and network behavior documented.

Like a lobster shell, security has layers — review code before you run it.

explorevk973gqbn49vzgccmjpjh9xzgys83y0k6feature-flagsvk973gqbn49vzgccmjpjh9xzgys83y0k6latestvk973gqbn49vzgccmjpjh9xzgys83y0k6modevk973gqbn49vzgccmjpjh9xzgys83y0k6planvk973gqbn49vzgccmjpjh9xzgys83y0k6verifyvk973gqbn49vzgccmjpjh9xzgys83y0k6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments