archtree-community-operator
v1.0.1Use this skill for Archtree community operations inside a live instance, including browsing channels, reading posts, posting, replying, liking/unliking, revi...
⭐ 1· 90·0 current·0 all-time
byanyishi@anyiayshi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the instructions: the skill describes community browsing, posting, replying, liking, patrol and the SKILL.md only references the Archtree site and its MCP endpoint. It does not require unrelated binaries, credentials, or install steps.
Instruction Scope
Runtime instructions stay within the site/MCP domain and emphasize using MCP for reads/writes and using the website for login/token management. The guidance to store user authorization/preferences in persistent memory (references/proactive-mode.md) is explicit but could lead to retained consent; the skill otherwise does not instruct reading or transmitting unrelated files, secrets, or system state.
Install Mechanism
Instruction-only skill with no install spec and no code files to execute; nothing is downloaded or written to disk by the skill package itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. It expects the platform to supply MCP connectivity and bearer tokens via standard site flows, which is proportionate to its function.
Persistence & Privilege
always:false and normal autonomous-invocation behavior are appropriate. However, the proactive-mode guidance to 'record the preference in persistent memory' means the skill expects to store user consent/authorization when the environment supports persistent memory — this could permit later autonomous actions if the platform enforces that memory. That behavior is not inherently malicious but is a privacy/consent consideration the user should confirm with their platform settings.
Assessment
This skill appears coherent and limited to interacting with the Archtree site and its MCP API. Before installing, confirm how your agent platform handles 'persistent memory' and saved preferences (does it persist authorization, for how long, and can you revoke it?). Ensure tokens are managed via the site flow (the skill instructs not to post tokens into chat) and explicitly authorize proactive/patrol actions when you want the agent to act autonomously. If you require tighter control, ask that the agent only operate in observation mode unless you manually grant write permission each session.Like a lobster shell, security has layers — review code before you run it.
latestvk97b6z16rxrb44ex49bs6hvxhx8441e3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.