ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Brainstorming

v0.1.0

You MUST use this before any creative work - creating features, building components, adding functionality, or modifying behavior. Explores user intent, requirements and design before implementation.

5· 7.3k·169 current·185 all-time
by@zlc000190
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the behavior in SKILL.md: the skill explores intent, asks questions, proposes approaches, and produces a written design. It explicitly reads project state and writes design docs/commits them, which is coherent for a design workflow.
Instruction Scope
Instructions direct the agent to inspect the current project (files, docs, recent commits), produce a design in 200–300 word sections, write the validated design to docs/plans/YYYY-MM-DD-<topic>-design.md, and commit to git. This is within the stated purpose, but it does grant the agent permission to read repository contents and modify the repo (create/commit files). Users should expect those side effects.
Install Mechanism
No install spec and no code files; the skill is instruction-only, which minimizes installation risk.
Credentials
The skill requests no environment variables or external credentials. However, its runtime actions (reading repo state and committing) implicitly rely on access to the local repository and any git credentials/config the environment provides. No unrelated secrets are requested.
Persistence & Privilege
The skill will create persistent artifacts in the repository (design docs and git commits). always:false (default) and autonomous invocation is not disabled, so the agent could act autonomously when invoked. The skill does not request system-wide privileges or modify other skills.
Assessment
This skill is coherent for turning ideas into documented designs, but be aware it will read your repository and write/commit design files. Before installing or invoking it: 1) Ensure you want the agent to access the repo and make commits (consider requiring confirmation before committing or using a separate branch). 2) Verify the agent's git identity and remote push behavior (it may use local git credentials). 3) Review generated files and commits before pushing them upstream. 4) If you prefer more control, ask the agent to produce the design as output rather than committing it automatically.

Like a lobster shell, security has layers — review code before you run it.

latestvk976t0rfscqvh60j35qzbhxky180w24a

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments