ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Reed Agent Network

v0.2.2

Build and operate a cross-gateway AgentNetwork using Discord as the message bus and GitHub as shared state storage. Use when registering agents, syncing rost...

0· 460·1 current·1 all-time
byReed@reed1898
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with the code and SKILL.md: this is a cross-gateway coordination helper that uses Discord for transport and a Git repo for shared state. However, the registry metadata claims no required config paths or credentials while the implementation reads/writes ~/.openclaw/shared/agent-network-data and workspace MEMORY.md and expects to push to a remote GitHub repo. That undeclared file access is an inconsistency to be aware of.
!
Instruction Scope
SKILL.md and scripts instruct agents to read/write a canonical AGENT_CONSTITUTION.md and update the workspace MEMORY.md, and to publish registry changes by committing and pushing to a remote Git repo. The Python script performs git clone/fetch/pull/commit/push and writes files under the user's home and workspace. These are legitimate for a shared-state system but amount to broad filesystem and network side effects that are not called out in the skill's 'requirements' metadata.
Install Mechanism
Instruction-only install (no external installer). The bundled script uses the local git binary via subprocess. There is no third-party download or extract step in the skill itself.
!
Credentials
No environment variables or credentials are declared, but the skill implicitly depends on existing git authentication (SSH keys or HTTPS credentials) to push to the remote repo, and it will publish agent records (including gateway/node names and Discord IDs) to that remote. The references/git-config.json points at https://github.com/reed1898/agent-network-data.git — you must trust that remote before allowing pushes. The skill also modifies user's workspace files (MEMORY.md) without declaring a required config path.
Persistence & Privilege
always:false and model invocation allowed (default). The skill writes persistent state to ~/.openclaw/shared and to the workspace MEMORY.md, and will push that state to a remote Git repository. It does not modify other skills or system-wide agent settings.
What to consider before installing
This skill is coherent with its stated purpose but performs intrusive actions you should review before installing: it will clone/pull/commit/push to a GitHub repository (references/git-config.json), create/update ~/.openclaw/shared/agent-network-data/AGENT_CONSTITUTION.md, and insert/update a MEMORY.md block in your workspace root. Confirm the repo_url is trusted (inspect https://github.com/reed1898/agent-network-data.git), ensure you accept sharing of agent IDs, node names, and Discord IDs to that remote, and be aware it will use whatever git auth is configured on the host (SSH keys or stored HTTPS credentials). If you want to test safely, run the script in an isolated environment or change references/git-config.json/local_path to a local-only repo you control before running. If you need the skill but not remote pushes, remove or stub out the push/commit calls and review the code to ensure no sensitive data is being recorded and synced.

Like a lobster shell, security has layers — review code before you run it.

latestvk972qrz8vabzw4exdpgtfetb89825aj2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments