Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ClawSergeant

v1.0.0

Train autonomous OpenClaw AI agents through LLM-guided curriculum design and multi-turn dialogue evaluation. Use this skill whenever the user wants to train,...

by M. Y. (@myismyname)
License: MIT-0. Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's stated purpose is training OpenClaw agents, which legitimately requires an LLM API key and a target agent address and uses the openclaw CLI. However, the registry metadata claims no required environment variables or binaries, which is inconsistent with the SKILL.md and code (main.py and test_phases.py require LLM_API_KEY and CLAW_RECIPIENT and the code invokes the 'openclaw' CLI). The mismatch between declared requirements and actual code is a red flag.
Instruction Scope
SKILL.md and the code instruct the agent to: generate curricula, call an external LLM endpoint, send messages to an OpenClaw agent via the openclaw CLI, evaluate replies, and persist lessons to a local lessons directory and to the OpenClaw workspace MEMORY.md. These behaviors align with the training purpose, but they involve persistent storage of potentially sensitive conversation content and instruct the trainee agent to 'internalize' lessons (i.e., change future behavior). Also, the code imports LearningLogger (learning_logger.py) and references writing to OpenClaw MEMORY.md but that file is not present in the provided manifest — the runtime will fail or behave unexpectedly unless that module exists.
Install Mechanism
No install spec is provided and dependencies are standard Python libraries (httpx, loguru, python-dotenv) listed in requirements.txt. There are no downloads from arbitrary URLs or archive extraction. Installation risk is low provided dependencies are installed from PyPI.
Credentials
The skill actually requires LLM_API_KEY (and optional LLM_BASE_URL/LLM_MODEL) and CLAW_RECIPIENT, which are proportionate to its LLM calls and agent-targeting. However, the registry metadata lists no required env vars, so what's declared does not match what the code and SKILL.md require. The skill asks users to put secrets into a .env file; ensure you use a scoped API key and understand that training data and agent replies will be stored locally and possibly written into the OpenClaw workspace.
Persistence & Privilege
The skill writes training results (training_results.json) and accumulates lessons under .claw_sergeant_accumulated_lessons/ and attempts to write a summary to the OpenClaw workspace MEMORY.md. always:false (no forced global presence). These file writes are expected for a trainer, but they create persistent artifacts containing conversations and evaluations — consider privacy of those artifacts. The skill also autonomously calls an external LLM and can send messages to another agent (the trainee), which increases blast radius if misused; this is not by itself disqualifying but worth noting.
What to consider before installing
Key points to check before installing or running:
- Do not trust the registry metadata alone: this package actually requires an LLM API key (LLM_API_KEY) and a target address (CLAW_RECIPIENT) and expects the openclaw CLI to be installed and usable. The registry incorrectly lists no env vars/binaries.
- A referenced module (learning_logger.py) is imported and used but is not present in the provided file list. Running the skill as-is will likely fail; request the missing file or a corrected package from the author.
- The skill will persist conversation history and training outputs locally (training_results.json and .claw_sergeant_accumulated_lessons/) and attempts to write to the OpenClaw workspace MEMORY.md. Review those outputs for sensitive data and consider running initial tests in an isolated environment.
- Use a least-privilege LLM API key (scoped, rate-limited) and a non-production agent recipient when testing. Inspect trainer/evaluator prompts (they instruct the trainee to 'internalize' lessons) to ensure they won't cause undesired persistent changes to the target agent.
- If you cannot verify the missing module or correct the metadata, treat this skill as untrusted and avoid running it with production credentials or against critical agents/workspaces.
