Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Causal Inference
v0.2.0Add causal reasoning to agent actions. Trigger on ANY high-level action with observable outcomes - emails, messages, calendar changes, file operations, API calls, notifications, reminders, purchases, deployments. Use for planning interventions, debugging failures, predicting outcomes, backfilling historical data for analysis, or answering "what happens if I do X?" Also trigger when reviewing past actions to understand what worked/failed and why.
⭐ 5· 2.8k·7 current·7 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (causal reasoning for actions) match the included scripts: logging actions, backfilling emails/calendar/messages, and estimating treatment effects. However the registry lists no required binaries while the SKILL.md and scripts assume local CLIs (gog, wacli) are available; that's a mismatch the publisher should document. The code only targets data sources relevant to the stated purpose (email/calendar/messages).
Instruction Scope
Instructions explicitly tell the agent to backfill and log wide-ranging personal data (emails, messages, calendar events) and to trigger on 'ANY high-level action'. This is coherent with a causal layer but broad: the skill will collect and persist personally sensitive data from those sources. It does not instruct sending data to external network endpoints, but it does invoke local CLIs and reads/writes local files (/tmp and memory/causal/action_log.jsonl).
Install Mechanism
This is instruction-only with included scripts (no download/install step). No external archive downloads or obscure install URLs are present. Risk is limited to executing the included Python scripts and local subprocesses (gog, wacli) as described.
Credentials
The skill declares no environment variables or credentials, which is appropriate in principle. In practice the scripts call local CLIs (gog, wacli) that will use whatever credentials those tools are configured with; the skill doesn't request or store additional secrets. Reviewers should be aware the skill relies on existing CLI configs (which may hold sensitive tokens) even though none are declared.
Persistence & Privilege
The skill writes its own action log to memory/causal/action_log.jsonl and creates those directories; it does not request always: true, does not modify other skills' configs, and does not request elevated system privileges. Its persistence is limited to its own files.
Assessment
What to consider before installing:
- This skill will parse and store sensitive personal data (emails, messages, calendar events). Review the scripts (backfill_* and log_action.py) to ensure you are comfortable with what is written to memory/causal/action_log.jsonl and /tmp files, and where those files will remain on disk.
- The SKILL.md expects local CLIs (gog, wacli). Confirm you need/want those CLIs to run here; they will use any credentials already configured in your environment even though the skill doesn't ask for credentials explicitly.
- Test on a small or anonymized dataset first. If you enable it, consider limiting triggers (don't allow 'ANY action' globally) and periodically rotate/delete the action_log if it contains sensitive history.
- If you need stricter privacy, run these scripts manually outside the agent, or modify them to sanitize/redact identifiers before writing logs.
- Because the source is unknown, prefer running with user invocation only (not fully autonomous) until you trust the publisher and have audited the code.Like a lobster shell, security has layers — review code before you run it.
latestvk97eh8kr4wqjgn17xjnw9h0qjx7zzzjn
License
MIT-0
Free to use, modify, and redistribute. No attribution required.