Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Config
v1.0.0Intelligently modify agent core context files (AGENTS.md, SOUL.md, IDENTITY.md, USER.md, TOOLS.md, MEMORY.md, HEARTBEAT.md). Use when conversation involves changing agent behavior, updating rules, tweaking personality, modifying instructions, adjusting operational procedures, updating memory architecture, changing delegation patterns, adding safety rules, refining prompt patterns, or any other modification to agent workspace configuration files. Triggers on intent to configure, tune, improve, fix, or evolve agent behavior through context file changes.
⭐ 0· 3.5k·11 current·12 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill name/description say it will modify agent context files (AGENTS.md, SOUL.md, IDENTITY.md, USER.md, TOOLS.md, MEMORY.md, HEARTBEAT.md) and the SKILL.md instructions show exactly those operations. It does not request unrelated binaries, environment variables, or external installs — the requested capabilities are proportionate to the stated purpose.
Instruction Scope
The runtime instructions explicitly instruct the agent to read and edit workspace files (using commands like wc, grep and the platform's read/edit tools), follow a multi-step validation workflow, and write change logs. This is expected for a config-editing skill, but the instructions do give the agent broad read/write access to files under ~/clawd and specific user paths (e.g., /Users/macmini/...). Review those referenced paths for relevance to your environment. The skill is precise about using exact-text edits, which reduces accidental changes but requires exact matches and care.
Install Mechanism
Instruction-only skill with no install spec and no code files. That is the lowest-risk install footprint: nothing is downloaded or written to disk by an installer.
Credentials
The skill declares no environment variables, no credentials, and no config paths. It does reference local file paths (workspace and user-specific paths) which is appropriate for a tool that modifies local agent files; it does not request unrelated secrets or cloud credentials.
Persistence & Privilege
always:false (default) and the skill is user-invocable; it does not force permanent inclusion. However, because the skill's purpose is to modify core workspace files, enabling it grants the agent the ability to perform persistent changes to those files when invoked. If the agent is allowed to invoke skills autonomously, that increases the impact of any mistaken or malicious edit — consider limiting autonomous invocation or restricting the agent's edit tools if you are concerned.
Assessment
This skill is coherent with its stated purpose but it will read and write your agent's core workspace files. Before installing or enabling it: 1) Read the SKILL.md and referenced docs fully so you understand the exact edit workflow. 2) Back up the workspace files it touches (AGENTS.md, SOUL.md, IDENTITY.md, USER.md, TOOLS.md, MEMORY.md, HEARTBEAT.md) so you can revert changes. 3) Confirm the referenced file paths (the skill mentions ~/clawd and /Users/macmini/…) match your environment — if not, the skill may try to read/write wrong locations. 4) If you allow autonomous agent actions, consider restricting or auditing the agent's read/edit tool permissions and/or test the skill in a sandboxed agent first. 5) Because edits rely on exact-text matching, changes may fail if file contents differ; require a manual review step for any non-trivial edits.Like a lobster shell, security has layers — review code before you run it.
agentvk974g7fvn15pqktmhyx5vwsd7h80c897configvk974g7fvn15pqktmhyx5vwsd7h80c897contextvk974g7fvn15pqktmhyx5vwsd7h80c897latestvk974g7fvn15pqktmhyx5vwsd7h80c897metavk974g7fvn15pqktmhyx5vwsd7h80c897
License
MIT-0
Free to use, modify, and redistribute. No attribution required.