ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Brainstorming

v0.1.0

Socratic design refinement before coding. Use when user requests feature without clear spec.

1· 759·1 current·1 all-time
by@nefas11
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Socratic design refinement) match the SKILL.md workflow (clarifying questions, alternatives, design doc). The actions requested (produce design text, save a doc, hand off to a planning skill) are proportionate to that purpose.
Instruction Scope
Instructions are narrowly scoped to eliciting requirements, generating alternatives, creating a design doc, and saving it to docs/design/YYYY-MM-DD-feature-name.md. This is expected, but be aware it instructs the agent to write a file to the workspace and to pass the doc to another skill (writing-plans). If you don't want automatic file writes or cross-skill handoffs, note that behavior.
Install Mechanism
No install spec and no code files — instruction-only skill with no binaries or downloads. Low install risk.
Credentials
Requires no environment variables, credentials, or config paths. Declared requirements match the SKILL.md (which does not reference secrets or external services).
Persistence & Privilege
always is false and the skill is user-invocable; it does not request elevated or persistent privileges. Model invocation is enabled (normal default), which allows autonomous calls, but nothing in the skill justifies elevated persistence.
Assessment
This skill appears coherent and low-risk: it asks questions, outlines approaches, creates a design doc, and suggests saving it in docs/design. Before installing, decide whether you are comfortable with the agent writing files into your workspace and automatically handing documents to another skill (writing-plans). If you prefer tighter control, run it only when invoked manually, inspect generated docs before committing, and verify the permissions/behavior of any downstream skill (writing-plans) that will receive the design doc.

Like a lobster shell, security has layers — review code before you run it.

latestvk970n8fy45t8kjra2vnmyg50j981batz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments