ClawHub

Firm Skill Loader Pack

v1.0.0

Skill lazy loading and search pack. On-demand SKILL.md loading and keyword-based skill search. 2 loader tools.

0· 302·2 current·2 all-time
by@romainsantoli-web
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description claim lazy-loading and keyword search of local SKILL.md files. The SKILL.md references two tools (openclaw_skill_lazy_loader, openclaw_skill_search) but provides no code — it declares a dependency on mcp-openclaw-extensions >= 3.0.0 which plausibly supplies those tools. This is coherent, but the skill doesn't include the implementations itself, so you must trust the declared extension.
Instruction Scope
Instructions describe searching the local skills directory and lazy-loading SKILL.md files — this is within the stated purpose. The guidance is high-level and vague about exact paths and behaviors (what gets read, filtered, or returned), so there's some scope ambiguity: confirm what files the underlying tools will read and whether SKILL.md contents could be exposed to other skills or logs.
Install Mechanism
No install spec and no code files (instruction-only), so nothing is written to disk by this package itself. Risk is low from the skill bundle, but behavior depends on the external mcp-openclaw-extensions implementation which is not included here.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. That is proportionate to its described purpose.
Persistence & Privilege
Default flags (always:false, user-invocable:true, model invocation allowed) — no elevated persistence requested and no modification of other skills or system-wide settings is described.
Assessment
This is an instruction-only loader/search pack that depends on mcp-openclaw-extensions >= 3.0.0 to provide the actual tools. Before installing: (1) Verify the source and trustworthiness of the mcp-openclaw-extensions package (where it comes from and what permissions it needs). (2) Confirm what filesystem paths the underlying tools will read (ensure they won't expose secrets or unrelated files). (3) If possible, get or review the actual implementation of openclaw_skill_lazy_loader and openclaw_skill_search to confirm they behave as documented. If you cannot verify the extension or tool implementations, avoid installing or run in a restricted/test environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk972ae1r1e4dhgr6csead9xs698247ec

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments