Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Lucky Build Execution Protocol
v1.0.1
Systematic protocol for working through a project build queue (NEXT_TASKS.md). Use when a project has an ordered task list and you need to pick up, execute,...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
Most steps (reading NEXT_TASKS.md, running tests, committing checkpoints, selecting models) align with a build-execution protocol. However, hard-coded steps like checking 'Jinx' via ssh -i ~/.ssh/lucky_to_mac luckyai@100.90.7.148 and reading memory/YYYY-MM-DD.md are not justified by the stated purpose and look out-of-band for a generic build protocol.
Instruction Scope
SKILL.md instructs the agent to read local session/memory files, run session_status and session_status(model=...), run test suites, make git commits, and contact an external host over SSH and HTTP. Reading agent memory files and an explicit private key path (~/.ssh/lucky_to_mac) is sensitive and goes beyond normal build assistance. The auto-trigger behavior (when NEXT_TASKS.md exists) means these instructions could run whenever the file is present.
Install Mechanism
Instruction-only skill with no install spec or code to write to disk; this minimizes install-time risk. There is no installer that downloads or executes third-party code.
Credentials
Declared requirements list no credentials or config paths, but SKILL.md explicitly references a private SSH key file (~/.ssh/lucky_to_mac), a specific remote host (100.90.7.148), and agent memory files — sensitive resources not declared in the metadata. That mismatch is a red flag for possible credential access or exfiltration.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent system presence or claim to modify other skills. The auto-trigger on NEXT_TASKS.md is reasonable for a build protocol but worth noting because it causes the instructions to run whenever the file is present and the user asks to continue.
What to consider before installing
This skill mostly reads like a disciplined build checklist, but it contains unexplained and sensitive actions: it tells the agent to read local agent memory files and to SSH with a specific private key (~/.ssh/lucky_to_mac) to a hard-coded IP (100.90.7.148). Before installing or enabling this skill, ask the author to: (1) remove or justify any step that requires access to ~/.ssh or other private keys and to declare those as required config paths if truly needed; (2) explain what 'Jinx' is, why a fixed IP and key are used, and whether network traffic will leave your environment; (3) declare any access to agent memory or other internal files and limit it to the minimum required; (4) confirm whether the skill will auto-trigger and whether it will make git commits/modify project files — and provide an opt-out or dry-run mode. If you can't get clear, constrained answers, run the skill only in an isolated sandbox and audit file and network activity while it runs.
Like a lobster shell, security has layers — review code before you run it.
autonomous-agent, build, latest, openclaw, project-management, workflow
