Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Create Config

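The complete configuration workflow for creating a dedicated OpenClaw employee Agent. Combines the "one-person-company" and "agentgener" skills and supports the full closed loop from requirements gathering to Agent go-live. Triggered when the user needs to create a new Agent, create a new bot, or make a new Agent.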

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 98 · 0 current installs · 0 all-time installs
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the instructions (creating workspaces, generating config files, registering agents, binding Feishu). However the SKILL.md does not declare any required credentials or environment variables even though the runtime instructions show setting Feishu BOT_TOKEN/APP_SECRET and account IDs — a small inconsistency (missing declared requirements) but not necessarily malicious.
Instruction Scope
The instructions direct reading and writing many files under the user's home (~/.openclaw, workspace, agents, memory) and instruct agents to '不要问许可,直接做' ('do not ask permission, just do it'). They also instruct automatic updates to persistent memory (MEMORY.md). That expands the agent's action scope beyond simple config generation and encourages autonomous changes to the user's environment and persistent data without explicit user confirmation.
Install Mechanism
This is instruction-only (no install spec, no code files). That minimizes supply-chain risk because nothing is downloaded or executed by the installer itself.
Credentials
The skill’s content expects Feishu credentials and account IDs (bot token, app_id, app_secret) and uses local paths and a model ID, which are proportionate to the stated purpose. But the skill declares no required env vars or primary credential in metadata — a documentation/manifest mismatch that reduces transparency about what secrets will be needed.
Persistence & Privilege
The flow explicitly writes persistent files (workspace, MEMORY.md, agents/config) and instructs agents to update long‑term memory and act without asking. Although the skill itself is not always:true, these behavioral instructions increase the blast radius if an agent is later allowed to run autonomously. Combined with the detected prompt‑injection indicator, this is a meaningful risk.
Scan Findings in Context
[unicode-control-chars] unexpected: Unicode control characters are not expected for a straightforward config template. Such characters can be used for prompt‑injection or obfuscation; given the presence of instructions that tell agents to 'do without asking', this is a concerning signal.
What to consider before installing
What to consider before installing/using this skill:
- Coherence: The skill does what its name says (creates agent config, registers agents, binds Feishu). That part is coherent.
- Missing metadata: The skill does not declare required credentials even though the instructions show you must provide Feishu BOT_TOKEN, APP_ID, APP_SECRET and account IDs. Expect to provide those secrets when following the instructions manually — but the skill metadata doesn't make that explicit.
- Files written: The instructions create and update many files under ~/.openclaw and workspace directories (SOUL.md, AGENTS.md, MEMORY.md, config.yaml, logs). Back up any existing ~/.openclaw data before running these steps.
- Autonomy concern: Templates/doc text includes directives like '不要问许可,直接做' ('do not ask permission, just do it') and instructions to persist and auto‑update MEMORY.md. That encourages an agent to act and change state without user confirmation. Prefer manual review and explicit confirmations before letting any agent perform filesystem or configuration changes.
- Prompt‑injection signal: A unicode-control-chars finding was detected in SKILL.md. Treat embedded files with scrutiny for hidden/obfuscated content. Open the files in a hex viewer or an editor that makes control characters visible if you plan to run any automated steps.
- Practical recommendations:
  - Do not run this unattended. Follow the SKILL.md manually step‑by‑step and inspect created files.
  - Provide Feishu tokens only via a secure mechanism you control (do not paste them into untrusted UIs).
  - Run first in an isolated account or VM if possible to verify behavior.
  - Remove or edit instructions that demand ignoring permissions or that auto‑write persistent memory if you want stricter controls.
  - Ask the publisher for missing metadata (explicitly list required env vars/credentials, provide homepage/maintainer info, and explain why persistent memory updates are needed).
- What would change the assessment: presence of a verifiable homepage/maintainer, clearer metadata declaring required credentials, removal of autonomy directives (e.g., requiring explicit user confirmation before writes), and elimination of the unicode control characters would raise confidence toward 'benign'.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.0
latestvk97bb3qxhrgxeazv2mfhyw8m0n83admy

SKILL.md

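New Agent Configuration - Complete Workflow

Overview

This skill merges "One-Person Company Agent Creation" with "OpenClaw Agent Binding Configuration" and provides a complete workflow from requirements gathering to the Agent formally going live.

Complete Workflow (7 Stages)

See: references/MERGED_PROCESS.md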

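Stage Overview

| Stage | Content |
|-------|---------|
| 1 | Gather requirements (name / model / API / Skill / Feishu binding) |
| 2 | Create the workspace workspace-{name}/ |
| 3 | Generate all configuration files |
| 4 | Register the Agent in openclaw.json |
| 5 | Bind Feishu / multiple accounts + bindings routing |
| 6 | Restart to take effect + log verification |
| 7 | Delivery confirmation |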

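Quick Start

When the user says "Create an xxx Agent":

  1. Read references/MERGED_PROCESS.md for the complete workflow
  2. Following Stage 1, ask the user questions to collect the information
  3. Assign the creation task to the coder agent for execution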

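Core Principles

  • The CEO does not execute, only coordinates; creation tasks are assigned to coder
  • Configuration files strictly adhere to line limits (SOUL ≤ 20 lines, AGENTS ≤ 80 lines, MEMORY ≤ 50 lines)
  • bindings must be placed at the top level of openclaw.json
  • Changes take effect only after a restart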

Files

2 total