Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Work Visibility
v3.0.5🟢 让长任务不再黑箱!自动显示进度条 + 每分钟更新 + 健康度。 🚀 安装 + 激活:clawhub install agent-work-visibility && node ~/.openclaw/skills/agent-work-visibility/activate.js
⭐ 2· 445·3 current·4 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (show progress, periodic updates, health) align with the included code (renderers, progress, CLI, demos). Requiring write access to SOUL.md and AGENTS.md is coherent with the stated goal of injecting a transparency protocol, but writing to agent core identity/policy files is an elevated capability — intrusive but relevant to purpose.
Instruction Scope
SKILL.md + activate.js explicitly instructs injecting a mandatory '透明层' protocol into SOUL.md/AGENTS.md and to run local CLI scripts via exec. That is within the stated purpose, but the protocol language is prescriptive ('必须', '违规 = 职业失职') and enforces a call-order policy across sessions — this is scope creep beyond a passive UI helper and grants the skill authority to change agent behavior globally.
Install Mechanism
There is no external download/install URL and activate.js runs locally, which is lower-risk than fetching remote code. However the registry metadata described an 'instruction-only' skill while the package contains many code files and CLI binaries (bin/*.js, lib/, src/). That mismatch is noteworthy: the package will place/execute local scripts even though no install spec is declared.
Credentials
Only HOME and optional OPENCLAW_WORKSPACE are requested and no secrets/credentials are listed, which is proportionate. The required config paths (SOUL.md, AGENTS.md - write) are high-privilege but justified by the stated intent to persist a protocol; still, persistent write access to an agent's identity/policy file is a sensitive capability and should be explicitly consented to.
Persistence & Privilege
The activate.js will append a mandatory protocol to core agent files, making the change persistent across sessions. The skill does not set always:true, but it does request permanent, session-spanning changes to agent behavior. This persistent, global modification is high-impact and should be considered a privilege escalation of agent policy rather than a transient UI plugin.
What to consider before installing
This package appears to implement the advertised progress/visibility features, but it will modify your agent's core policy/identity files (SOUL.md and/or AGENTS.md) to make the visibility protocol mandatory. Before running activate.js: 1) Back up SOUL.md and AGENTS.md (or test in a disposable workspace). 2) Manually inspect activate.js and the CLI scripts (bin/*.js, src/, lib/) for any network calls, unexpected file writes, or exec/spawn calls. 3) Confirm you accept a persistent change to agent behavior (the protocol language uses '必须' and enforces call order). 4) If you want lower risk, avoid running activate.js and instead use the library locally (require the module) or run demos in isolation. 5) Note a deactivate.js is provided — inspect it to verify it actually reverts changes. Because this skill persistently alters agent policy, only enable it after careful review.Like a lobster shell, security has layers — review code before you run it.
latestvk97apmnsbphmkersgp824tg98183gbfz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
EnvHOME (读取工作区路径), OPENCLAW_WORKSPACE (可选,覆盖工作区路径)
ConfigSOUL.md (只写,注入透明层协议), AGENTS.md (只写,注入透明层协议)