ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Optimizer

v1.0.0

V6.1 Agent 性能优化器 - 基于轨迹分析和奖励反馈的轻量级优化框架

0· 402·0 current·1 all-time
by@sandmark78
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (Agent performance optimizer) align with what the skill does: record trajectories, emit rewards, analyze trends, and generate reports. Required binary (python3) is appropriate and no unrelated credentials or external services are requested.
Instruction Scope
Instructions consistently operate on per-agent workspace paths (/workspace/subagents/{agent_id}/optimizer/*) and only read/write local files, which fits the stated purpose. However, the SKILL.md and example code reference helper functions that are not defined in the included files (get_current_prompt_version, get_reward, analyze_patterns, generate_suggestions, execute_with_prompt, count_code_blocks). That means successful runtime depends on other runtime-provided utilities or omitted code — a functionality gap rather than malicious behavior.
Install Mechanism
Instruction-only skill with no install spec and only small local Python scripts provided — lowest-risk install model. No downloads from external URLs or archive extraction.
Credentials
The skill requests no environment variables or credentials. All file access is scoped to a workspace path for subagents; no access to system-wide credentials or external endpoints is requested.
Persistence & Privilege
Flags are default (always:false, agent-invocable allowed). The skill writes only to its own per-agent optimizer directory; it does not modify other skills or global agent config. No elevated persistence requested.
Assessment
This skill appears to do what it says (record trajectories, collect rewards, analyze and report). Before installing, verify that your OpenClaw runtime provides the helper functions referenced in the examples (get_current_prompt_version, get_reward, analyze_patterns, generate_suggestions, execute_with_prompt, count_code_blocks) or provide implementations yourself. Note that generate_report.py has a missing import (uses defaultdict but doesn't import it) and some placeholder logic (reward matching is 'pass') — test the scripts in a non-production environment first. Also confirm that writing optimizer data to /workspace/subagents/{agent_id}/optimizer is acceptable for your deployment and that no sensitive information will be recorded in those files.

Like a lobster shell, security has layers — review code before you run it.

latestvk977v9f7wk4gyvsd9392406m858202jc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Clawdis
Binspython3

Comments