ClawHub

decision-log

v1.0.1

Decision recording + result tracking skill

0· 827·10 current·10 all-time
by@mupengi-bot
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (decision recording + 30-day review) match the SKILL.md: it writes decision markdown files under memory/decisions/ and schedules an auto-review. No unrelated binaries, env vars, or external credentials are requested.
Instruction Scope
Instructions are focused on creating decision files and publishing a small event JSON to events/*.json and scheduling a 30-day review. They do not instruct reading arbitrary system files or pulling other environment variables. Note: the skill assumes the agent can write to memory/ and events/ and that a cron/event mechanism exists — confirm where events are published and who can read them, since recorded decisions may be sensitive.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is written to disk by an installer; runtime behavior depends on the agent's existing capabilities.
Credentials
The skill requests no environment variables, credentials, or config paths. Its required access (writing to memory/ and events/) is proportional to the described functionality.
Persistence & Privilege
always: false (normal). The skill intends persistent behavior via scheduled auto-review (cron) and by writing files/events, which requires the agent to retain and later read those records. This is expected for the feature but means data will persist and be revisited automatically — verify retention and access control for memory/ and events/.
Assessment
This skill appears to do what it says: record decisions to memory/decisions/ and publish small event JSON files to events/. Before installing, consider: (1) the decision contents may be sensitive — confirm where memory/ and events/ are stored and who can read them; (2) determine whether the agent's event bus actually transmits events externally (check endpoints, retention, and encryption); (3) if you don't want automatic future reads/reviews, disable or avoid the cron/auto-review functionality; and (4) test with non-sensitive sample decisions first to confirm behavior and file permissions.

Like a lobster shell, security has layers — review code before you run it.

latestvk971w6aj35xc2sn7x1a3nt2k55818473

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments