ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

task killer

v1.0.0

快速识别并立即中断当前执行任务,清理所有相关资源,节省 token 和时间,准备执行新任务。

0· 130·0 current·0 all-time
byshiker@shiker1996
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with requested capabilities: the skill declares and uses tools for subagents, process management, and filesystem cleanup — these are expected for a task-killer.
!
Instruction Scope
SKILL.md and index.js instruct the agent to list and kill subagents and processes and to delete temp files, but they do not require or enforce scoping to only those resources owned by the current task/session. This could allow killing unrelated agents/processes or removing files outside a safe workspace. There are also minor contradictions about immediate no-tool-calls vs. performing cleanup actions.
Install Mechanism
No install spec and no external downloads; the skill is instruction-first with a small JS implementation included, so it does not pull arbitrary code from remote hosts.
Credentials
No environment variables or external credentials requested. However the skill requires access to high-privilege tools (subagents, process, filesystem) which is proportionate to its purpose but nevertheless powerful — ensure those tool APIs have appropriate scoping/permissions.
Persistence & Privilege
always:false and no indications the skill will force-enable itself or change other skills' configs. It writes a local interrupt record file by design; that is expected behavior.
Scan Findings in Context
[missing-tool-modules] expected: index.js imports './tools/subagents.js', './tools/process.js', and './tools/filesystem.js' but those helper modules are not present in the package — this is plausible if the platform supplies these tool APIs, but you should verify what concrete implementations will run and what privileges they have.
What to consider before installing
This skill is coherent with its stated purpose, but it needs broad runtime privileges (process/subagent termination and filesystem writes). Before installing: 1) Confirm what the platform-provided 'subagents' and 'process' tools can access — are they limited to the agent's own children or can they affect system/global processes? 2) Ensure kills are scoped to resources owned by the current task/session and that confirmation behavior (confirm vs. immediate kill) matches your safety needs. 3) Consider enabling a confirmation prompt and restricting tempDir to a dedicated sandbox. 4) Test in a safe/sandbox environment to observe which processes/files it actually terminates. If you cannot verify tool scoping, avoid granting this skill process-level permissions.

Like a lobster shell, security has layers — review code before you run it.

latestvk97capq2rd37z75hymdqrrr3e58358tp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments