ClawHub

Auto Workflow Builder

v1.0.0

Create and manage automated workflows visually with drag-and-drop triggers, actions, conditions, and 100+ integrations without coding.

0· 948·7 current·7 all-time
by@sunshine-del-ux

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for sunshine-del-ux/auto-workflow-builder.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Auto Workflow Builder" (sunshine-del-ux/auto-workflow-builder) from ClawHub.
Skill page: https://clawhub.ai/sunshine-del-ux/auto-workflow-builder
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install auto-workflow-builder

ClawHub CLI

Package manager switcher

npx clawhub@latest install auto-workflow-builder
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The description promises a visual, no-code workflow builder with 100+ integrations (AWS Lambda, email/SMS, DB operations, Slack/Discord). However, the package contains no code, no installer, and no integration credentials. The SKILL.md shows only CLI examples calling ./workflow.sh, which is missing. Requesting broad capabilities without shipped code or declared credentials is disproportionate and incoherent.
!
Instruction Scope
Runtime instructions tell an agent or user to run ./workflow.sh create/add-trigger/run, and describe triggers (file changes, DB changes) and actions that imply filesystem, network, and credential access. The SKILL.md is vague about where the script comes from, how credentials are provided, and what data might be transmitted — giving the agent broad, unspecified discretion. That ambiguity increases risk.
!
Install Mechanism
There is no install spec and no code files — normally low risk — but the instructions assume a local executable and Node.js 18+. The absence of any install instructions or sources for workflow.sh is a red flag: the skill expects runtime artifacts that are not present, creating ambiguity about what would be installed or executed.
!
Credentials
The skill claims integrations (AWS Lambda, databases, email/SMS, Slack) that typically require API keys, tokens, or connection strings, yet requires no environment variables or credentials in metadata. This mismatch suggests either missing declarations or an expectation that credentials will be supplied in unspecified ways (prompts, config files, or environment), which is disproportionate and risky.
Persistence & Privilege
The skill does not request persistent privileges (always: false) and does not declare modifications to other skills or system-wide settings. Autonomous model invocation is enabled by default which is normal — it is not by itself a new concern here.
Scan Findings in Context
[no_code_files] unexpected: The static scanner found no code to analyze. For a skill whose README invokes a local script (./workflow.sh) and requires Node.js, the absence of any code or install steps is unexpected and not consistent with the described functionality.
What to consider before installing
Do not install or run this skill as-is. Ask the author for: (1) the source repository or homepage and verifiable release artifacts, (2) an install script or packaged binary for ./workflow.sh, (3) an explicit list of required environment variables/credentials and where they are stored, and (4) the exact network endpoints the workflows will contact. If you must evaluate it, inspect the code before running, run it in an isolated/test environment (air-gapped or container) and avoid supplying real production credentials until you confirm the implementation. If the author provides a public repo and clear install instructions that explain where workflow.sh comes from and what credentials are needed, re-evaluation could move this toward benign.

Like a lobster shell, security has layers — review code before you run it.

latestvk978d93jxyxa1f0v188yvtks3s829899
948downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@sunshine-del-ux
latest
Download

Auto Workflow Builder

Build automated workflows without writing code.

Features

  • Visual Workflow Builder - Drag and drop connections
  • 100+ Integrations - APIs, webhooks, schedules
  • Triggers - Webhooks, schedules, events
  • Actions - Send email, HTTP requests, database operations
  • Conditions - If/else logic, filters
  • History - Execution logs and debugging

Quick Start

# Create workflow
./workflow.sh create my-workflow

# Add trigger
./workflow.sh add-trigger my-workflow schedule "*/5 * * * *"

# Add action
./workflow.sh add-action my-workflow http "https://api.example.com"

# Run
./workflow.sh run my-workflow

Triggers Supported

  • Schedule (cron)
  • Webhook
  • HTTP
  • Database changes
  • File changes

Actions Supported

  • HTTP Requests
  • Email
  • SMS
  • Database
  • Slack/Discord notifications
  • AWS Lambda

Requirements

  • Node.js 18+
  • Redis (optional)

Author

Sunshine-del-ux

Comments

Loading comments...