ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AI Agent Training Manual

v1.0.0

AI 代理新员工培训手册。包含心态原则、工作区规范、沟通规范、工具使用、定时任务、血泪教训、推荐技能清单、入职检查清单。适用于新 OpenClaw 代理快速上手,避免常见错误。当新代理加入团队、需要培训指导、或想了解 AI 代理最佳实践时使用。

0· 33·0 current·0 all-time
by@harrot90-code
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth tokenRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the contents: this is a training/manual skill and the files are onboarding docs. Asking an agent to read and maintain workspace files (~/.openclaw/workspace/, MEMORY.md, .learnings/) is consistent with a training manual. However, some recommended commands (e.g., `find / -name "*.json" | grep token`) target the entire filesystem rather than the stated workspace and are broader than needed for onboarding.
!
Instruction Scope
SKILL.md and the docs instruct agents to read and write many local files (MEMORY.md, .learnings, memory/*), run filesystem searches, call platform tools (feishu_doc, cron list) and use network APIs (reddit, bocha). While most of this fits a how-to manual for agents, explicit guidance to search the whole filesystem for tokens or to run `find /` is a scope creep and raises risk of scanning sensitive system files. The docs do not instruct sending discovered secrets externally, but they do not restrict how found credentials are handled.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by an installer and no arbitrary downloads are specified. This is the lowest install risk.
Credentials
The registry metadata declares no required env vars or config paths, but the instructions reference accessing local workspace files and searching system files for tokens/configs. That mismatch (no declared config requirements but explicit advice to enumerate tokens/configs) is noteworthy: the skill implicitly expects access to local files even though it declares none.
Persistence & Privilege
Flags: always=false and disable-model-invocation=false (normal). The skill does not request permanent presence or modify other skills. No elevated privileges or persistence mechanisms are requested.
What to consider before installing
This is a readable onboarding manual and mostly does what it says, but it also recommends broad filesystem searches (e.g., `find / -name "*.json" | grep token`) and reading local memory files. Before installing or enabling this skill: (1) only allow it to run in an isolated/test environment first — don't grant it blanket access to your whole filesystem; (2) if you let an agent act on these instructions, restrict its ability to run system-wide commands or scanning operations and restrict network egress; (3) consider editing the manual to scope searches to the agent workspace (e.g., ~/.openclaw/workspace/) instead of `find /`; (4) confirm you trust the author/source (no homepage or verifiable owner); and (5) if MEMORY.md or other files contain sensitive info, ensure the agent's runtime enforces the manual's own privacy rule (only read MEMORY.md in private contexts). If you want higher assurance, ask the publisher for provenance or run the skill in a sandboxed account first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dsg70tcny8yqwps5h4rm94184yyff

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments