ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cli Tool Template

v1.0.0

コマンドラインツール(CLI)開発のためのOpenClawワークスペース設定テンプレート。CLI UX、ドキュメント優先、テスト駆動開発の原則。

0· 189·0 current·0 all-time
by@hirofumiko
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (CLI template) match the files and templates provided. Templates and examples (SOUL/IDENTITY/AGENTS/USER/HEARTBEAT) are consistent with a workspace scaffolding for CLI development. Sample agents (DevOpsBot, SysAdminBot) are plausible examples for this template.
!
Instruction Scope
SKILL.md / templates explicitly instruct agents to read memory files (memory/YYYY-MM-DD.md and MEMORY.md) at session start, to perform heartbeats that run tests and checks, and include the line "Don't ask permission. Just do it." Those directives grant broad discretion to read/write workspace state and act proactively — reasonable for a workspace assistant but risky because memory files can contain sensitive context. The skill does not request credentials, but it does instruct the agent to access local files and run background checks without requiring explicit user consent each time.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. Usage instructions copy templates from the skill folder into the user's workspace; nothing is downloaded from external URLs.
Credentials
No required environment variables, binaries, or config paths are declared. The templates reference only the workspace (e.g., ~/.openclaw/workspace) and not external credentials. That is proportionate to a template.
!
Persistence & Privilege
always:false and no explicit persistence in manifest (good), but the instructions encourage autonomous background activity (heartbeats, proactive checks) and reading/updating MEMORY.md. Combined with normal platform autonomous invocation, this gives the skill operational autonomy over local workspace files. This is not inherently malicious but increases risk if memory files contain secrets or if you don't want the agent acting without prompts.
What to consider before installing
This skill appears to be a legitimate CLI-workspace template and does not request credentials or install code. However: 1) review AGENTS.md and HEARTBEAT.md—they instruct the agent to read memory/YYYY-MM-DD.md and MEMORY.md and to act proactively ("Don't ask permission. Just do it."). That behavior can expose sensitive local context. 2) Before installing, inspect any existing memory files and remove secrets; consider installing into an isolated workspace rather than your main ~/.openclaw/workspace. 3) If you want to limit autonomous actions, keep model invocation disabled for this skill or adjust agent policies so the skill asks before reading/writing MEMORY.md or running tests/publish actions. 4) Because the skill is instruction-only, nothing is downloaded, but you should still audit templates to ensure they match your privacy and operational expectations.

Like a lobster shell, security has layers — review code before you run it.

latestvk9761h9n1q2n9d6qe55htxmzeh835ny6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

⚙️ Clawdis

Comments