This skill is a real bounty-automation workflow, but it sets up unattended recurring jobs that can use your accounts to bid, claim work, modify code, push branches, open PRs, post payment details, and send QQ notifications with weak scoping controls.
Review before installing. Only use this if you intentionally want unattended bounty automation operating through your GitHub and OpenTask accounts. Replace the hardcoded QQ and payment/contact values, back up existing OpenClaw cron jobs before running the installer, restrict token scopes, protect token files, and add manual approval before any bid, claim, git push, PR, or payment comment.