Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Meta Skill Weaver
v0.4.1
Use this skill when orchestrating complex multi-step tasks. Provides first-principles task decomposition, EventBus event system, multi-skill collaboration wi...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The SKILL.md and README describe a full Node.js orchestration engine (src/, tests, CLI commands like meta-skill-weaver start) and a package.json pointing at src/index.js, but the skill as provided is instruction-only with no source/runtime files or install spec. That mismatch means the declared capabilities cannot be exercised as-is and is disproportionate to the artifacts included.
Instruction Scope
Runtime instructions tell the agent and user to run commands (meta-skill-weaver start/status/resume, bus.on handlers, notify.sh) and to install via clawhub or git clone. Because no install mechanism or code is packaged, these instructions are effectively directing the agent to run binaries or shell handlers that do not exist in the bundle. The instructions also encourage running shell handlers (e.g., notify.sh) which would execute arbitrary scripts if provided by an external source.
Install Mechanism
Registry metadata contains no install spec and the skill is marked instruction-only, yet documentation suggests installation via 'clawhub install' or 'git clone https://github.com/your-repo/meta-skill-weaver.git'. Those install instructions reference an external repo (placeholders used) and there is no vetted download/installation URL in the package. This absence increases risk and makes the package incomplete or mispackaged.
Credentials
The skill does not request environment variables, credentials, or config paths. The documented middleware chain mentions an auth middleware but no secrets are required by the package metadata. On this axis, requested access is proportionate (minimal) — however executing external install or shell handlers would change this.
Persistence & Privilege
Flags show always:false and model invocation allowed (default). The skill does not request permanent/always-on presence or system-wide configuration. No evidence it modifies other skills' configurations. This is appropriate for an orchestration skill.
What to consider before installing
Do not install or run this skill as-is. The documentation claims a runnable CLI and src/ code, but the skill package contains only docs and no runtime code or install spec — this could be an incomplete/mispackaged submission or an attempt to trick you into running external installs. Before proceeding, ask the publisher for: (1) the canonical public source repository (GitHub) and a reproducible install/release (GitHub release or npm package), (2) the actual packaged binaries or source files (src/index.js and others) and test artifacts, (3) a verified install spec that the ClawHub registry can execute (not just 'git clone' placeholders), and (4) clarification about any shell handlers (notify.sh) and what they do. If you must evaluate code, do so from the upstream repo in an isolated environment, inspect scripts for arbitrary shell execution, and verify maintainer identity and release signatures. If the author cannot provide a verifiable source and release artifacts, treat the skill as untrusted.
Like a lobster shell, security has layers — review code before you run it.
