ClawHub

Colleague.skill

v1.0.1

Distill your colleagues' work styles, thinking patterns, and institutional knowledge. Self-learning — deepens with every observation. When they leave, what t...

0· 138·0 current·0 all-time
by@realteamprinz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (capture and preserve colleagues' work styles) lines up with the files and templates provided. No extra credentials, binaries, or config paths are requested that would be unrelated to that purpose.
Instruction Scope
SKILL.md instructs the agent to accept user-provided observations, build profiles, and store them locally; it explicitly forbids scraping/monitoring/transmission. There are no steps that reference system files, network endpoints, or other credentials beyond the declared local storage path.
Install Mechanism
No install spec and no code files; the skill is instruction-only. Nothing is downloaded or written by an installer, so there is low platform-level disk/network risk coming from this package itself.
Credentials
requires.env, primary credential, and config paths are empty. The skill does not request any secrets or external-service credentials, which is proportionate for its stated functionality.
Persistence & Privilege
The skill stores data under a clearly documented local path (~/.colleague-skill/). It does not request always:true or other elevated persistent privileges. No instructions to modify other skills or system-wide configs are present.
Assessment
This skill appears internally consistent, but consider privacy and platform risks before installing: only record observations you are permitted to store, avoid sensitive personal data (medical, financial, protected attributes), and follow company policies and legal requirements. Although the skill's docs say 'local only', the platform/agent runtime may still have network or broader file access — check your agent's permissions (network, file system) to ensure data can't be sent off-device. If you plan to keep profiles with sensitive institutional knowledge, consider encrypting the folder or restricting OS file permissions and inform affected colleagues where appropriate.

Like a lobster shell, security has layers — review code before you run it.

latestvk9756ma9yynxc1mxm8tpzq5ktn84jcre

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments