Ai Company Generalization
v1.0.0AI Company 通用化流程 Skill — 将组织特定或领域特定的 Skill 转换为可在任意组织/行业/平台运行的通用 Skill。包含特异性识别、参数化、抽象边界、通用接口、跨上下文验证五步流程。
⭐ 0· 46·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The SKILL.md describes a five-step generalization workflow (identify specificity, parameterize, abstract boundaries, design a universal interface, validate). The declared permission to read/write skills/ matches that purpose. There are no unrelated required binaries, env vars, or external installs that would be inconsistent with a code/text-transformation governance tool.
Instruction Scope
Instructions and code snippets focus on scanning skill content for patterns, replacing hardcoded values with parameters, and writing parameterized skill artifacts back to skills/. The doc does not instruct reading system files or environment variables outside the declared skills/ scope. Caution: the parameterization step is inherently able to touch any literal in a skill (including secrets/API keys) — the instructions do not include an explicit safeguard workflow for detecting or preserving secrets before automatic parameterization.
Install Mechanism
No install spec and no code files are present (instruction-only). This minimizes installation risk — nothing is downloaded or written beyond the described read/write operations to skills/.
Credentials
The skill declares no environment variables or credentials, which is proportional. It does request file read/write access to the skills/ directory — appropriate for a tool that transforms skills, but this permission gives it the ability to alter any skill in that directory (including ones that contain sensitive configuration).
Persistence & Privilege
always is false and it does not request elevated or persistent platform privileges. The skill can be invoked autonomously by the agent (platform default), which is expected for an agent-layer governance tool; this is not flagged by itself.
Assessment
This skill appears to do what it says: scan skills and convert hardcoded, org-specific pieces into parameters and adapters. Before installing or running it, take these precautions: 1) Limit its write scope or run it in a sandboxed copy of your skills/ directory so unintended edits can't affect production skills. 2) Require a review step: preserve diffs and human approval before changes are applied, because automated parameterization can accidentally modify or expose secrets (API keys, tokens, credentials) embedded in skill code or config. 3) Back up affected skills beforehand. 4) Review and vet its declared dependencies (skill-vetter, ai-company-standardization) — they will participate in the workflow. 5) If you intend to allow autonomous invocation, ensure policy controls or approvals are in place so the agent cannot silently modify many skills at once.Like a lobster shell, security has layers — review code before you run it.
latestvk97by4kj6zg7tn0m34pcargvb184s8p6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.