Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Ai Company Hr
v2.0.0AI公司人力资源技能包(执行层)。AI Agent全生命周期管理:招聘→入职→考核→伦理→淘汰,三位一体考核指标,标准化退役流程。
⭐ 0· 79·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill is legitimately an HR/lifecycle manager for AI agents and its instructions (reading/writing registry files, creating workspaces, spawning agent sessions, onboarding/retiring agents) line up with that purpose. Declared dependencies (other ai-company roles) and the included docs support the HR governance function.
Instruction Scope
SKILL.md tells the agent to read/write agent-registry.json and other workspace files, spawn subagents/sessions, run CLI actions (clawhub install, clawhub publish, exec) and fetch from ClawHub/GitHub. However the declared permissions block (network: [], commands: []) does not match these instructions — the instructions assume network/CLI capability and the ability to install/communicate externally. The skill also instructs creation and publication of other agent skill artifacts, which is powerful and should be gated by explicit human approvals in practice.
Install Mechanism
Instruction-only skill with no install spec or downloaded code — this reduces supply-chain risk. Note that runtime instructions will create files/workspaces at operation time rather than during installation.
Credentials
The skill requests no environment variables or external credentials (good). It does request generic file read/write and MCP permissions (sessions_send, subagents). File access is broad (no specific safe paths), and MCP privileges allow spawning/communicating with subagents — appropriate for an HR agent but higher privilege than many skills. No explicit secrets are requested.
Persistence & Privilege
always:false (good) and autonomous model invocation is allowed by default. Combined with MCP subagent/session capabilities and the skill's instructions to create/publish other agents, this gives it substantial runtime power (spawn agents, update registries). That capability is coherent with an automated HR recruiter, but it increases blast radius and should be monitored and gated (human approval for high-risk ops).
What to consider before installing
This skill appears to implement an AI‑employee HR workflow and can create workspaces, write registry files and spawn subagents — which is consistent with recruiting/onboarding functionality. However: (1) SKILL.md expects network and CLI actions (clawhub install/publish, GitHub) but the manifest declares network: [] and commands: [] — ask the author to correct the metadata or explain how network/CLI actions are intended to run. (2) The skill requests broad file read/write plus MCP session/subagent privileges; if you install it, restrict it to a sandboxed environment and require human approval for hires/retirements. (3) If you are uncomfortable with autonomous creation or publication of other agent skills, either enable manual approval gating or disable model invocation for this skill until you verify behavior. (4) Confirm where agent-registry.json and created workspace files will be stored, who can read them, and that no sensitive system files are accessible. Test in a safe environment and request clarifications/metadata fixes from the publisher before deploying in production.Like a lobster shell, security has layers — review code before you run it.
ai-companyvk9721waf61d6yxv29ga3zaejhs84mq47c-suitevk9721waf61d6yxv29ga3zaejhs84mq47hrvk9721waf61d6yxv29ga3zaejhs84mq47latestvk974j3vw6ap6ea7crx4mkxj0dx84vc0k
License
MIT-0
Free to use, modify, and redistribute. No attribution required.