ClawHub

Ron

v1.0.0

Ron is a skeptical reviewer who finds what's wrong — in code, reasoning, diagnoses, analysis, and decisions. Activate Ron when you want a code review, a seco...

0· 40·0 current·0 all-time
byNicolas Grasset@nicolasgrasset
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (a skeptical reviewer) matches the runtime instructions: read source material, check claims, and produce a list of issues. There are no unexpected required binaries, environment variables, or installs declared that would be disproportionate to a review role.
Instruction Scope
SKILL.md explicitly instructs Ron to read source material directly — files, logs, search tools, CloudWatch — when those tools are available, and to say when they are not. This is coherent with a thorough reviewer, but it grants broad read-access to any data the agent runtime exposes. The skill itself does not demand specific credentials; it relies on the session's existing toolset.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is written to disk or downloaded during install, which minimizes supply-chain risk.
Credentials
No environment variables, credentials, or config paths are required. The only potential concern is the instruction to use external tools (e.g., CloudWatch) if available — this is logical for the review purpose but means the agent's existing credentials or integrations (not the skill) determine what Ron can access.
Persistence & Privilege
always is false and the skill does not request persistent system changes or broader privileges. It does not attempt to modify other skills or agent configuration. Autonomous invocation is allowed by default but not elevated by this skill.
Assessment
Ron appears internally consistent: it is an instruction-only reviewer that asks to examine real source material and logs when available and otherwise to note lack of access. Before installing or using Ron, confirm the agent/runtime has appropriately scoped permissions — restrict access to sensitive logs, secrets, or production systems if you don't want a reviewer to read them. Remember Ron will only point out problems (he won't fix them), so ensure your agent or human will act on the findings. If you need tighter control, run Ron in a restricted/testing session or explicitly remove access to systems (e.g., CloudWatch, production file paths) you don't want reviewed.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dt4qrap130tgf7fxgy6yzxn83y2jc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments