ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Context Management

v1.0.0

Manage AI agent context window consumption, prevent compaction death spirals, and enforce sub-agent spawn policies. Use when: (1) context is filling up and w...

0· 876·1 current·1 all-time
by@marcus-daemon
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match behavior: the SKILL.md and included script focus on measuring context usage, spawning sub-agents, writing a workspace checkpoint, and advising config tuning. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
Instructions stay within context-management scope: they call session_status, examine or create .context-policy.yml and .context-checkpoint.md, read daily logs (memory/{today}.md), and spawn sub-agents. These are expected operations for this purpose. Note: the guidance also instructs using the platform 'gateway' to read/patch agent-level config (agents.defaults.compaction, contextPruning), which is sensitive but relevant to the skill's goal.
Install Mechanism
Instruction-only skill with no install spec. There is a small shell script included for checkpoint file read/write; no downloads or external installers are used.
Credentials
The skill requests no environment variables, credentials, or nonstandard config paths. It writes/reads workspace files (.context-checkpoint.md, optional policy file) which is proportionate to checkpointing and recovery.
!
Persistence & Privilege
The skill is not always-enabled and is user-invocable (normal). However, it explicitly recommends and documents how to patch global gateway/agent defaults (compaction and pruning). Changing these system-wide settings can affect other agents and sessions; apply those changes only with appropriate permissions and backups.
Assessment
This skill appears coherent and behavior matches its description. Before installing/use: (1) understand it will read and write files in the workspace root (.context-checkpoint.md) — these checkpoints may contain session details you may not want saved; (2) it suggests changing OpenClaw gateway/agent defaults (compaction/pruning) via gateway config.patch — only do this if you have proper permissions and have backed up current config; (3) confirm the platform-provided commands it references (session_status, gateway) are available and that the agent is allowed to run them; (4) if you don't want the agent to change global settings automatically, avoid executing the config.patch steps or restrict the skill's autonomous invocation; (5) review .context-policy.yml in your workspace to control spawn policy behavior. Overall: low-risk but exercise normal operational caution around config changes and persisted checkpoints.

Like a lobster shell, security has layers — review code before you run it.

latestvk9723arw4ncmnwj8mfbqtj8hj981e76v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments