Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
skill-optimizer
v1.0.0Analyzes AI conversation logs to evaluate skill performance and generate optimization suggestions. Use when user mentions "优化技能", "迭代技能", "skill optimization...
⭐ 0· 578·9 current·9 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md expands the published description by adding an active modification step: after producing suggestions it will '直接修改目标技能的 SKILL.md' (directly edit the target skill's SKILL.md). The registry-level description presented to users did not clearly state this write behavior, so the skill's capabilities are broader than its top-level description suggests.
Instruction Scope
Runtime instructions explicitly tell the agent to: read conversation text (or read files from user-supplied paths), discover and read the target skill's SKILL.md, and—after user confirmation—directly modify that SKILL.md. Reading arbitrary file paths and writing to other skill files are high-scope actions that may touch unrelated or sensitive files if misused. The SKILL.md does require user confirmation before edits, but the ability to edit other skills is central and potentially dangerous.
Install Mechanism
Instruction-only skill with no install spec, no downloaded code, and no binaries. This minimizes supply-chain risk.
Credentials
The skill requests no environment variables or credentials, which superficially seems safe. However, the instructions rely on filesystem access to read arbitrary file paths and to modify other skills' SKILL.md files—access that is not declared in 'required config paths' or metadata. This mismatch between declared requirements and actual file read/write behavior is concerning.
Persistence & Privilege
The skill is not always-enabled (always: false), and it asks for user confirmation before making edits, which reduces autonomous risk. Nonetheless, it explicitly modifies other skills' files (SKILL.md), which is a permission beyond typical read-only analysis. The registry metadata does not declare or limit this write privilege.
What to consider before installing
This skill can analyze logs and will offer concrete edits — including directly editing another skill's SKILL.md after you confirm. Before installing or invoking it: 1) Be sure you trust the skill author and back up any skills you permit it to modify (export or copy SKILL.md). 2) Never provide paths to system or sensitive files; only point it at the specific skill files you want changed. 3) Require the agent to show a diff and ask for an additional explicit approval step before any write is performed. 4) Prefer running it in a sandbox or repository copy rather than letting it edit production skill files. 5) If you need assurance, ask the author to declare required config paths/permissions and to include a dry-run mode that outputs changes without writing them.Like a lobster shell, security has layers — review code before you run it.
latestvk976h32qrsh5dvggc6wtr202ys81qr4r
License
MIT-0
Free to use, modify, and redistribute. No attribution required.