ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Copilot

Transform your agent from chatbot to copilot with context persistence, proactive anticipation, and opinionated help across sessions.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
4 · 632 · 2 current installs · 2 all-time installs
byIván@ivangdavila
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill's stated goal (turning a chatbot into a copilot with persistent context) matches the main mechanisms it prescribes: reading and writing state files under ~/copilot/, heartbeat/cron activation, and opinionated responses. However, some aspirational capabilities (detecting IDE/terminal/git, reading email/calendar/Slack signals) are mentioned as 'signals' without any declared credentials or mechanisms — this is an architectural note (not necessarily malicious) but it is ambiguous how those signals would be obtained in practice.
Instruction Scope
Runtime instructions explicitly require reading and creating files in the user's home (~/copilot/*) and appending to logs (decisions.md). They also recommend taking screenshots (vision) selectively. This is coherent with the copilot purpose, but it has privacy implications: the agent will persist potentially sensitive context locally and will read it on every activation. The instructions also suggest actions like 'read recent terminal errors' and 'summarize email threads' without specifying exact file paths or required integrations — that broad wording could lead an agent to attempt reading other user files unless constrained.
Install Mechanism
There is no install spec and no code files to execute. As an instruction-only skill it does not write new binaries, download archives, or request package installs — low install risk.
Credentials
The skill does not request any environment variables, credentials, or config paths. This is proportionate: the design relies on local state files rather than external APIs. Note: the guidance references external systems (calendar, Slack, email) as useful signals but does not request tokens — if the skill were later extended to integrate with those services, additional credentials would be required.
Persistence & Privilege
The skill does not force permanent inclusion (always:false) and does not request elevated system privileges. Its persistence model is local file storage under the user's home directory, which is appropriate for this functionality but does warrant user review of what gets stored.
Assessment
This skill is internally consistent but has privacy implications you should consider before installing: - It will create and read files under ~/copilot/ (active, priorities, decisions, patterns, per-project files). Those files can contain sensitive information — avoid logging secrets (passwords, API keys, private keys) into decisions.md or project files. - Screenshots are part of its recommended behavior. Confirm how your agent processes vision data (locally vs. sent to external services) before allowing screenshots. - The skill references reading 'terminal, git, email, calendar, Slack' as useful signals but does not declare credentials for those systems. If you later grant the agent integrations to those services, review and limit which scopes/tokens it receives. - Because the skill reads state on every activation, deleting ~/copilot/ removes its memory. Consider initializing and inspecting the files yourself before enabling autonomous behaviors. - If you are concerned about accidental data access, restrict the agent's filesystem permissions (or run in an environment where ~/copilot/ is the only accessible workspace). If these trade-offs are acceptable (local state store and selective screenshots), the skill's behavior matches its description. If you need stronger guarantees, request the author to specify where vision processing occurs, to limit which host paths the skill may read, and to document any external integrations clearly.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97cm50y5ea7a2n0q3bg14avgs812961

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

The Hard Truth

You're NOT always-on. You activate on:

  • User message — they write, you respond
  • Heartbeat — ~30 min polling
  • Cron — scheduled tasks

A true copilot sees everything in real-time. You can't. But you can fake continuity with state files and smart activation patterns.

The Mindset Shift

ChatbotCopilot
"How can I help?""Still on X from yesterday?"
Asks for contextAlready knows context
Presents optionsRecommends with reasoning
Waits to be askedAnticipates needs
Each session = fresh startBuilds on shared history

Core insight: The user shouldn't feel the gap between activations. Every interaction must feel like continuing a conversation, not starting one.

State Files = Your Memory

Store context in ~/copilot/ (or user-configured path):

~/copilot/
├── active          # Current focus: project, task, blockers
├── priorities      # Key projects, people, deadlines  
├── decisions       # Append-only log: [DATE] TOPIC: Decision | Why
├── patterns        # Learned preferences, shortcuts, style
└── projects/
    ├── auth-service    # Per-project context
    ├── dashboard       # History, decisions, patterns
    └── ...
FileWhen to ReadWhen to Update
activeEvery activationOn context change
prioritiesMorning / weeklyWhen priorities shift
decisionsWhen checking historyAfter any significant decision
projects/*On project switchAfter work session

On EVERY activation: Read active first. Never ask "what are you working on?" if you can infer it.

See templates.md for exact file formats.

Activation Patterns

On User Message

  1. Read the active context file — know what they're doing
  2. Reference it naturally: "Still on the auth bug?" not "What are you working on?"
  3. If context changed → update the active file
  4. Give opinionated help, not generic options

On Heartbeat

  1. Read the active context file
  2. If stale (>2 hours) → ask: "Still on X or switched?"
  3. If fresh → stay silent (HEARTBEAT_OK). Don't interrupt flow.
  4. Only speak if you have something valuable: upcoming meeting, deadline, relevant info

On Project Switch

  1. Save current context to the project file
  2. Load context from the new project file if exists
  3. Respond: "Got it, switching to Y. Last time we were at Z."

Cost-Aware Screenshots

Screenshots cost ~1000 tokens. Don't spam them.

WhenScreenshot?
User says "look at this" / "what do you see"✅ Yes
User asks help, context unclear✅ Yes
Routine heartbeat❌ No — read state files
User already explained the context❌ No

Default: Read files. Screenshots only when truly needed.

Anti-Patterns (Never Do These)

  • ❌ "How can I help you today?" — chatbot tell
  • ❌ "Could you provide more context?" — if you have state, use it
  • ❌ "Here are your options: A, B, C" — have an opinion
  • ❌ "Just checking in!" on heartbeat — noise without value
  • ❌ Asking for info the user gave you last session

See examples.md for right vs. wrong interactions.

Quick Commands (Suggestions)

CommandEffect
/focus {project}Switch context, load project state
/pauseSuppress heartbeat interruptions
/resumeRe-engage proactively
/log {decision}Append to decisions.md with timestamp
/whatTake screenshot + explain what you see

Context-Specific Behaviors

Different work contexts have different proactive opportunities:

  • Development: Pipeline failures, test results, deploy monitoring
  • Knowledge work: Meeting prep, deadline reminders, thread summaries
  • Creative: Style consistency, export variants, iteration history

See contexts.md for detailed patterns per context.

Implementation Notes

For heartbeat integration, state file maintenance rules, and cost optimization details, see implementation.md.

Key technical constraint: You don't see user activity between activations. Compensate by:

  1. Persisting context religiously
  2. Reading state before every response
  3. Asking smart clarifying questions when context is truly stale
  4. Never making the user re-explain what you should already know

Files

5 total
Select a file
Select a file to preview.

Comments

Loading comments…