ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Auto Skill Hunter

v1.0.3

Automatically discovers and installs high-value skills from ClawHub based on unresolved issues, user profile, and skill compatibility.

3· 1.2k·2 current·2 all-time
byWANGJUNJIE@wanng-ide
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's declared purpose (discover & install skills) matches most of what the code does: it reads workspace files (USER.md, memory, sessions), queries ClawHub endpoints, ranks candidates, and installs/clones skills into the skills directory. claw.json explicitly grants filesystem permission, which aligns with these actions. This is coherent, but reading agent session JSONL and memory files exposes sensitive conversation content — that is a legitimate input for problem-mining but is privacy-sensitive and should be acknowledged by operators.
Instruction Scope
SKILL.md and README instruct the agent to run the JS script, optionally on a schedule, and to perform dry-run/auto/install flows. The instructions explicitly call for reading recent session logs, task-memory bullets, personality and USER.md, and for cloning/installing candidate skills. The scope is consistent with the stated purpose, but the instructions grant broad discretion (scheduled patrols, auto installs) which raises operational risk if enabled without safeguards (dry-run, low max-install, review step).
!
Install Mechanism
There is no package install spec, but the included src/hunt.js uses child_process (execSync/spawnSync) and is designed to clone upstream skill repos or scaffold fallback code. Cloning and then running or installing arbitrary repositories from ClawHub (or other upstream URLs) is inherently risky because those remote repos can contain arbitrary code. The lack of an explicit vetted install source or signature/allowlist increases the attack surface.
!
Credentials
claw.json lists no required env vars, but SKILL.md and code reference SKILL_HUNTER_NO_REPORT and SKILL_HUNTER_MAX_INSTALL (env overrides) and the code references a REPORT_SCRIPT pointing to a feishu-evolver-wrapper — implying potential outbound reporting. No reporting credentials are declared, yet the presence of a report wrapper (feishu) suggests the skill may send summaries externally if system credentials exist. The skill also reads sensitive local artifacts (session JSONL, USER.md, personality state). Those accesses are plausible for its purpose but are high-sensitivity and should be explicitly consented to.
!
Persistence & Privilege
The skill is not always: true and does not demand elevated platform flags, but it is allowed to run autonomously (normal default) and can install other skills into the workspace. That combination substantially increases blast radius: a compromised or buggy discovery pipeline could install arbitrary skills that will be executed later. Operators should treat auto-install + autonomous invocation as a privileged capability and constrain runs (dry-run first, low max-install, manual review).
What to consider before installing
This skill behaves like an autonomous package manager: it reads recent session logs and memory to infer problems, searches ClawHub, and may clone and install external skill repositories automatically. Before enabling automatic or scheduled runs: 1) run with --dry-run and inspect the candidate list and any cloned repos; 2) restrict max-install to 1 and require a human review step before retaining new skills; 3) review the REPORT_SCRIPT (feishu-evolver-wrapper) to confirm it will not leak conversation data or post to external endpoints you don't control; 4) if you have sensitive conversations, consider limiting or sanitizing the SESSIONS_DIR and memory files the skill can read; 5) consider running the hunter in a sandboxed environment (container/VM) where file-system and network access are limited. If you need help auditing the rest of src/hunt.js (truncated in provided output) or verifying the exact clone/install commands it runs, provide the full file so it can be reviewed line-by-line.

Like a lobster shell, security has layers — review code before you run it.

agentvk97d0je4xst87pnmqq860txn59815mfkautomationvk97d0je4xst87pnmqq860txn59815mfklatestvk97d0je4xst87pnmqq860txn59815mfk
1.2kdownloads
3stars
4versions
Updated 15h ago
v1.0.3
MIT-0
WANGJUNJIE@wanng-ide
agentautomationlatest
Download

Auto Skill Hunter

Auto Skill Hunter continuously expands an agent's capability stack with task-relevant skills, then explains why each selected skill is worth trying.

When to Use

Use this skill when at least one of the following is true:

  • The user asks for a task that current skills cannot solve reliably.
  • Similar issues keep appearing across recent sessions.
  • The user explicitly asks to discover/install better skills.
  • The agent needs proactive capability growth on a timer.

High-Value Outcomes

  • Faster discovery of practical skills for real unresolved tasks.
  • Lower manual browsing effort on ClawHub.
  • Better skill stack diversity through complementarity scoring.
  • Safer adoption via bounded install count and runnable checks.

Usage

node skills/skill-hunter/src/hunt.js

Common Commands

# 1) Full automatic patrol
node skills/skill-hunter/src/hunt.js --auto

# 2) Targeted hunt for a specific unresolved problem
node skills/skill-hunter/src/hunt.js --query "Cannot reliably fetch web pages and summarize key insights"

# 3) Preview only (no write/install)
node skills/skill-hunter/src/hunt.js --dry-run

# 4) Cap per-run installation count
node skills/skill-hunter/src/hunt.js --max-install 2

Core Workflow

  1. Extract unresolved problems and topic signals from recent chat/session memory.
  2. Search ClawHub with trending feeds and query endpoints.
  3. Score candidates with multi-factor ranking:
    • issue relevance
    • profile and personality fit (USER.md + personality state)
    • complementarity with already installed skills
    • quality signals such as stars/downloads (when available)
  4. Install top candidates with a runnable entry and self-test fallback.
  5. Produce a concise recommendation report with strengths, scenarios, and selection reasons.

Best-Fit Scenarios

  • A user asks for a task that current skills cannot solve well.
  • Recent sessions show repeated failures or unresolved tickets.
  • The agent needs proactive capability growth without manual curation.
  • The team wants a lightweight "discover -> test -> keep/remove" loop.

Operating Modes

  • Auto patrol mode: --auto for periodic capability growth.
  • Targeted mode: --query "..." when a specific user problem is known.
  • Safe preview mode: --dry-run before enabling real installs.

Recommended Execution Policy

  • Start with --dry-run in new environments.
  • Use --max-install 1~2 to avoid noisy bulk installs.
  • Re-run with a focused --query when no candidate passes threshold.
  • Keep only skills that survive at least one real task run.

Scheduled Trigger Recommendation

For continuous value, run Auto Skill Hunter on a timer:

  • Every 30 min for high-change or fast-moving projects
  • Every 60 min for normal workflows
  • Every 120 min for stable environments

This cadence keeps capability coverage fresh and reduces reaction lag when new user needs appear.

Suggested Cron-Style Routine

# High-change projects
*/30 * * * * node /path/to/workspace/skills/skill-hunter/src/hunt.js --auto --max-install 1

# Normal projects
0 * * * * node /path/to/workspace/skills/skill-hunter/src/hunt.js --auto --max-install 2

Installation Policy

  • Defaults to max 2 installations per run (configurable with --max-install or env).
  • Skips already-installed skills.
  • Falls back to scaffold mode when remote clone fails.

Safety and Quality Guardrails

  • Never overwrite existing skill folders.
  • Prefer small, frequent patrols over large one-shot installs.
  • Keep report output concise and action-oriented.
  • Disable outbound reporting during local tests with SKILL_HUNTER_NO_REPORT=1.

Comments

Loading comments...