ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Oversight

v1.0.0

Comprehensive AI agent oversight and management skill. Monitors sub-agents, manages file edit coordination, logs failures, kills hung sessions, and maintains...

0· 54·1 current·1 all-time
by@1477009639zw-blip
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The name/description claim session killing, file-edit coordination, failure logging, and rule enforcement. The only required runtime binary is python3 and the included code merely prints status and runs 'openclaw sessions list --json'. The claimed capabilities (automatic kill, file locking, logging to learnings.md) are not implemented in the shipped code, an incoherence between purpose and actual capability.
!
Instruction Scope
SKILL.md instructs commands including --kill-hung and promises behavior like logging and file coordination, but oversight.py implements only --status and --list-sessions; --kill-hung and any file I/O/logging behavior are absent. The runtime instructions therefore overstate what the agent will do.
Install Mechanism
No install spec is provided (instruction-only with a single Python script). This is low-risk in terms of arbitrary downloads or on-disk installers.
Credentials
The skill declares no required environment variables or credentials, which is consistent with the tiny script. However, the script invokes an external 'openclaw' CLI without declaring what access or credentials that CLI needs — the reviewer should confirm what that CLI does and whether it requires privileged access or tokens.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent presence or modify other skills' configs in the provided files.
What to consider before installing
Do not install or enable this skill expecting the advertised oversight features: the shipped code only reports status and lists sessions via an external 'openclaw' CLI. Ask the author for a complete implementation (show the kill/hung-session logic, file-locking coordination code, and explicit logging behavior), and for details about the 'openclaw' command (what it requires, what data it returns, and whether it needs credentials). Until those are provided, treat the skill as incomplete — test it in a safe environment and verify the external CLI is trusted before granting it access to agent session management.

Like a lobster shell, security has layers — review code before you run it.

latestvk9734rsjj4ch1jcm5vwf4n8xdh83tj8m

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🛡️ Clawdis
Binspython3

Comments