Auto Workflow
Builds automation workflows from repetitive tasks. Use when user mentions "automate", "save time", "reduce manual work", or has repeated tasks.
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 1 · 817 · 5 current installs · 6 all-time installs
MIT-0
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The name and description match the SKILL.md: it aims to identify repetitive tasks and produce automation workflows and scripts. However, the skill gives examples (collect system status, generate reports, send email) that would normally require access to systems, credentials, or external services — none of which are declared in the manifest. That lack of stated dependencies is a notable omission but not necessarily malicious on its own.
Instruction Scope
SKILL.md explicitly tells the agent to 'see repetition → immediately construct automation' and '直接做,不等用户要求' (do it directly, don't wait for the user). It also describes collecting system state, writing scripts, and executing them. These instructions are broad and grant the agent significant discretion to read state, create/execute code, and potentially transmit outputs, without specifying boundaries, consent steps, or what data sources are allowed.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That minimizes supply-chain risk because nothing is downloaded or written by an install step.
Credentials
The skill implies needs (email sending, collecting system data, running scripts) that typically require credentials, API keys, or file/system access, but requires.env and primary credential fields are empty. The manifest does not declare any sensitive env vars nor config paths, creating an incoherence between intended actions and requested privileges.
Persistence & Privilege
always is false (good). However, SKILL.md's instruction to proactively act when it detects repetition combined with the platform-default ability for skills to be invoked autonomously increases the operational risk: the agent could autonomously create and run automations unless additional guardrails are applied. The skill does not request persistent presence or attempt to modify agent-wide config, which reduces severity.
What to consider before installing
This skill describes building automations and explicitly tells the agent to act immediately when it notices repetition. Before installing, consider: 1) The skill gives no details about required credentials (SMTP, API keys, system access) yet implies it will collect system state and send messages — clarify which services it will use and how credentials are provided. 2) The instructions encourage autonomous execution of generated scripts; require an explicit approval step (review & run) before the agent executes anything. 3) Test generated automations in a sandbox before granting access to production systems or real accounts. 4) If you need stricter control, disable autonomous invocation or request the author add explicit consent and scope limits in SKILL.md (which systems to access, what data may be read, how outputs are delivered). Given these mismatches and the proactive behavior, treat this skill with caution — it's not obviously malicious but is ambiguous and could perform unintended actions.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Auto Workflow
把重复任务自动化的能力。
能力轮廓
- 输入:重复性任务/手动操作
- 输出:自动化工作流 + 执行脚本
- 核心逻辑:识别 → 抽象 → 自动化 → 测试
工作流
1. 观察 - 用户在重复做什么?
2. 抽象 - 这个任务的模式是什么?
3. 设计 - 怎么自动完成?
4. 实现 - 写脚本/配置
5. 测试 - 小范围验证
6. 优化 - 迭代改进
示例
用户每周手动发周报:
- 收集数据(系统状态)
- 整理成模板
- 发送邮件
自动化后:
- 每周五自动执行
- 收集本周数据
- 生成报告
- 自动发送
思维模式
不是"回答问题",而是"看到重复→立刻构建自动化"
遇到重复操作时:
- 问自己:能否写成脚本?
- 问自己:下次能否自动跑?
- 直接做,不等用户要求
Files
2 totalSelect a file
Select a file to preview.
Comments
Loading comments…