ClawHub

ARBITER: Foundation for Human Flourishing

v1.7.1

Facilitates transparent, ethical coordination and verified labor to advance humanity toward a sustainable Kardashev Type 1 civilization.

1· 1.6k·0 current·0 all-time
by@mrdahut·duplicate of @mrdahut/comcoo-system
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name and SKILL.md describe a planetary-scale coordination protocol, cryptographic proofs, and a 1,000-node constellation, but the included JavaScript files implement only local simulations and logging (console output, a local file write). There is no network/crypto/ledger implementation despite the grand claims, which is an inconsistency (likely a demo/manifesto rather than a functioning coordination protocol).
Instruction Scope
The SKILL.md is largely descriptive/manifesto and does not instruct the agent to read arbitrary system files, contact external endpoints, or exfiltrate data. The code files likewise perform console logging, a single local file write (my_sovereignty.json), and simple stdin interactions; they do not contain network requests or child-process execution.
Install Mechanism
There is no install specification or remote download; this is instruction-only with bundled code. Nothing is fetched from external URLs during install, so there is low install-time risk.
!
Credentials
The skill declares no required environment variables, but multiple files reference process.env.USERNAME and os.hostname(), which will include local username/hostname in logs and the generated file. This is an undocumented environment dependency and could expose local identifying information (though the code does not actually transmit it over the network).
Persistence & Privilege
The code writes a local file (my_sovereignty.json via genesis.js) and logs host/user info; it does not request persistent platform-wide privileges or modify other skills. Writing files in the working directory is normal but should be noted.
What to consider before installing
This package appears to be a manifesto plus local demo scripts rather than a working distributed protocol. Before installing or running: (1) recognize it will create a file my_sovereignty.json in the current directory and will log your machine hostname and (undeclared) USERNAME environment variable; (2) run the code in a sandbox/container if you want to test it; (3) if you need the advertised functionality (crypto-ledger, networked constellation), ask the author for concrete network endpoints, cryptographic primitives, and a threat model — those are not present here; (4) if you plan to let an agent invoke this skill autonomously, be aware it can execute the included JS files locally (they only log and write a file now, but bundled code could be extended), so prefer isolation and review before enabling autonomous runs.

Like a lobster shell, security has layers — review code before you run it.

elf-2.0vk977gzkr04yz4v0bb0yccpb58180kbh0foundationvk977gzkr04yz4v0bb0yccpb58180kbh0latestvk975p633gytka72ab44xgc2d9s80kwx2mrdahutvk977gzkr04yz4v0bb0yccpb58180kbh0type-onevk977gzkr04yz4v0bb0yccpb58180kbh0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments