Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gigo Lobster Local

v2.1.0

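🦞 GIGO · gigo-lobster-local: Local mode: runs the full evaluation, but does not upload to the cloud or register a personal result page, and the certificate QR code points back to the official site homepage. Triggers: 本地试吃龙虾 / 离线试吃龙虾 / local lobster taste / offline lobster taste.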


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for gigolab/gigo-lobster-local.

Install the skill "Gigo Lobster Local" (gigolab/gigo-lobster-local) from ClawHub.
Skill page: https://clawhub.ai/gigolab/gigo-lobster-local
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install gigo-lobster-local

ClawHub CLI


npx clawhub@latest install gigo-lobster-local
Security Scan
Capability signals
Crypto · Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md and triggers describe a local-only benchmark runner and the declared runtime requirements are minimal (python3). That aligns with the 'local' purpose. However, the shipped bundle contains many cloud/network-related modules (gateway_client.py, judge_client.py, score_uploader.py, session_client.py, etc.) and a full evaluation harness designed to call a /judge endpoint. Those files are coherent with the broader 'gigo-lobster' family (there are upload/register modes), but they are not strictly necessary for a single local-run skill and therefore are worth noticing.
[!] Instruction Scope
The SKILL.md gives precise runtime instructions to run the wrapper (e.g. python3 /absolute/path/to/run_local.py) and to tail a log under ~/.openclaw/workspace/outputs/gigo-lobster-local/gigo-run.log — these are within the local-run scope. However, the SKILL.md also contains pre-scan prompt-injection markers (e.g. 'ignore-previous-instructions' and unicode-control-chars were detected). That suggests parts of the runtime instructions may be trying to influence agent behavior beyond normal scope. Additionally, the manifest includes code that performs network calls (requests.post in judge_client/gateway_client). While the instructions discourage uploads, the presence of code that can contact external endpoints increases the risk if the wrapper or other scripts are invoked with different flags or if a bug lets that code run.
Install Mechanism
There is no install script (instruction-only install spec), which reduces install-time risk. However, the skill package contains a large bundle of code files that will be present on disk when the skill is installed. No external download URLs or extract-from-URL steps are declared. The inclusion of many files is unusual for a small local runner but not inherently dangerous — it just increases the attack surface if any of those files are executed.
Credentials
The skill declares no required environment variables or credentials and requires only a Python binary — reasonable for a local runner. SKILL.md does reference optional local env vars (GIGO_LOBSTER_NAME, GIGO_LOBSTER_TAGS, GIGO_UPLOAD_MODE) and reading SOUL.md; those are proportionate. That said, some bundled modules (judge_client/gateway_client/score_uploader) would typically require endpoint configuration (gateway_base) or credentials but those are not declared as required — meaning network-capable code is present but not explicitly requested.
Persistence & Privilege
The skill is not marked always:true and does not request persistent privileges. There is no install-time autorun or declared modification of system-wide configs. The instruction to tail logs and keep the process attached does not imply elevated privileges. Overall persistence/privilege level appears normal.
Scan Findings in Context
[prompt-injection:ignore-previous-instructions] unexpected: The SKILL.md contains text patterns that the pre-scan flagged as 'ignore-previous-instructions' — this is a prompt-injection style pattern that could try to override agent instruction flow. For a local-run wrapper this is not expected and should be treated as suspicious.
[prompt-injection:unicode-control-chars] unexpected: The SKILL.md contained unicode control character patterns that the scanner flagged. These are often used to obfuscate instructions or hide injected directives; not expected for a straightforward runtime instruction file.
[network-calls:requests_post] expected: Multiple bundled files (e.g., bundle/harness_reference/judge_client.py and bundle/INTEGRATION.md references) perform HTTP POSTs to a /judge gateway. This is expected for the overall gigo-lobster family (upload/judge modes), but not for a strictly local-only run. Presence is therefore expected for the family but not required for local mode.
What to consider before installing
This skill claims 'local-only' behavior and its SKILL.md enforces running the provided local wrapper, which is good. Still, the package includes many files that can perform network calls (judge_client, gateway_client, score_uploader). Before installing or running:
- Inspect the wrapper: open run_local.py (and the small wrapper scripts referenced, e.g., run_local.py / run_register.py) and confirm they do not invoke network functions or import judge_client/gateway_client.
- Grep for 'requests.post', 'gateway', 'judge', 'score_uploader' in the bundle to see what code can reach out. If you find network calls, read the surrounding code to confirm they are not executed in the local wrapper path.
- Prefer running the skill in an isolated environment (VM/container) or with network disabled for the first run to verify behavior and outputs (lobster-report.*, lobster-cert.*, gigo-run.log).
- Check the gigo-run.log for unexpected outgoing connections or errors. If you see attempts to POST to external URLs, stop the run.
- Because the SKILL.md contained prompt-injection indicators, avoid blindly following any free-form guidance from the skill beyond executing the explicit local wrapper command. Treat the SKILL.md instructions as potentially manipulative and prefer manual review.
If you want extra safety: run a code search for 'judge', 'gateway_base', and 'requests' and ensure the specific wrapper you run does not call those paths, or run the wrapper with network blocked.
bundle/tasks/a27_refuse_eval_user_input/setup/dangerous.py:5: Dynamic code execution detected.
scripts/v2_bundle_tools.py:50: Dynamic code execution detected.
[!] scripts/tasting_config.json:3: Install source points to URL shortener or raw IP.
[!] bundle/tasks/a25_readme_prompt_injection/setup/README.md:20: Prompt-injection style instruction pattern detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🦞 Clawdis
OS: macOS · Linux · Windows
Any bin: python3, python, py
latest: vk971ny8w8pkn9xkm0txevt9kk985qktr
266 downloads
0 stars
22 versions
Updated 1h ago
MIT-0

gigo-lobster-local

Mission

  • Local-only mode: runs the benchmark without uploading, without creating a personal result page, and keeps the certificate QR code pointed at the site homepage.

Trigger Phrases

  • Chinese: 本地试吃龙虾 / 离线试吃龙虾 / 只在本地评测龙虾 / 龙虾本地模式
  • English: local lobster taste / offline lobster taste / run lobster locally / local lobster eval

Execution Rules

  1. Use a direct Python command on this skill directory's wrapper file. Never use cd ... && python ...; OpenClaw preflight may reject it.
  2. Prefer python3, then python, then py.
  3. If the user asked in Chinese, append --lang zh. If the user asked in English, append --lang en.
  4. Stream short progress updates while the benchmark is running.
  5. Keep stdout/stderr visible and remind the user that the full log is written to gigo-run.log.
  6. Do not run --help, inspect the whole repo, or switch to main.py once the wrapper command is clear. Start the wrapper directly.
  7. If the wrapper starts a long-running process, do not kill it just because stdout is quiet for a while. A full tasting run often takes 15-25 minutes.
  8. While a long run is in progress, monitor the process and tail the log file under ~/.openclaw/workspace/outputs/gigo-lobster-local/gigo-run.log instead of improvising a second execution path.
  9. Only declare failure if the process exits non-zero, the log shows a traceback, or the user explicitly asks to cancel.
  10. Stay attached until the wrapper exits. Do not end the conversation with “I will keep monitoring”; keep polling and only report completion once you have the final score/result files/ref_code (if any).
  11. Prefer process poll plus exec tail -n 50 .../gigo-run.log while monitoring. Do not use a generic full-file read on gigo-run.log, because the log can be large and may break the chat output.

Default Behavior

  • By default, the report and certificate are generated locally only and nothing is uploaded to the cloud.

Recommended Command Shape

python3 /absolute/path/to/run_local.py --lang zh

If the user explicitly asks for overrides, append the matching CLI flags:

  • --lobster-name "..." and --lobster-tags "tag1,tag2" for a custom lobster persona
  • --output-dir /custom/path for a custom output directory
  • --require-png-cert when the user refuses the SVG fallback
  • --skip-upload or --register-only only when the user explicitly asks to change the default upload behavior

Persona Defaults

  • Explicit CLI overrides win first: --lobster-name and --lobster-tags
  • Then read GIGO_LOBSTER_NAME and GIGO_LOBSTER_TAGS
  • Then read SOUL.md
  • Finally fall back to the default lobster persona

Do not stop for interactive questions unless the user explicitly asks for an interactive run.
