Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Master Agent Workflow Global
v2.0.0支持跨平台的一键安装全局主控代理工作流,具备多级代理调度、错误处理、配置迁移和模板管理能力。
⭐ 1· 69·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description, skill.json requirements (OpenClaw, Node) and the provided scripts/hooks are coherent: this is a global OpenClaw skill that installs files under ~/.openclaw, registers itself with OpenClaw, and exposes migrate/template/execute features. The included Node hook, shell installers and migration tools match the stated purpose.
Instruction Scope
Runtime instructions and scripts modify ~/.openclaw/config.json and the user's shell RC (adds MAW_HOME and PATH/aliases), create symlinks and write files under the user's home — this is expected for a global skill but is broad. The hook (hooks/openclaw/handler.js) constructs and returns a shell command string (type:'command') based on free-form task text; if the platform executes that command without sanitization it could allow execution of arbitrary shell commands. The docs/migration examples also show a curl | bash installation example (migration-guide / auto-migrate script), which is risky if used.
Install Mechanism
No network download/install spec in the package itself; install.sh copies files locally and updates configs. There is no remote URL download or archive extraction in the provided install.sh. The documentation contains an example using curl | bash from an external domain (clawhub.com), but that is only in docs/examples, not in the provided install.sh.
Credentials
The skill declares no required environment variables or secret credentials. It sets its own MAW_HOME in the shell rc and uses home-directory paths for configs/logs/templates. The declared runtime requirements (OpenClaw, Node, jq) align with the code that invokes node and jq. No unrelated cloud credentials or secrets are requested by the package.
Persistence & Privilege
The skill writes to user config (~/.openclaw/config.json) and appends to shell rc to add MAW_HOME/aliases; it also creates symlinks/shortcuts. That is consistent with a global skill but is persistent and modifies global user config. always:false (not force-installed) which reduces risk, but installing will change user shell/profile and OpenClaw configuration.
What to consider before installing
This package appears to be what it claims (a global OpenClaw master-agent workflow), but review a few risky spots before installing: 1) Inspect hooks/openclaw/handler.js (or request the full generateExecutionCommand implementation) — the handler builds a command string from free-form task text and returns it; ensure the platform will not execute unsanitized shell lines or allow command injection. 2) The installer and activator modify ~/.openclaw/config.json and append to your shell rc (adds MAW_HOME and aliases); back up those files first. 3) The docs contain examples that use curl | bash from an external site — never run curl|bash on unfamiliar URLs; prefer installing from local package files or from a trusted registry. 4) Check what data is exported/imported by the migrate/backup tools (they include config, templates, logs) so you do not accidentally include sensitive data in backups. 5) Run the install/activation first in a sandbox or test account, and examine the created scripts (especially any maw.sh or execution wrappers) before enabling on production. If you want, I can (a) point out exact locations in handler.js to review for sanitization, (b) search for generateExecutionCommand in the truncated portion and analyze it, or (c) produce a safe checklist for manual installation/rollback.Like a lobster shell, security has layers — review code before you run it.
latestvk972s4m5dd1yjc2qy2gbe6bzxd83q7jt
License
MIT-0
Free to use, modify, and redistribute. No attribution required.