Hiring
v1.0.0Hire humans or AI agents for tasks you cannot do yourself, with platform selection, vetting, contracts, and payment management.
⭐ 2· 841·2 current·2 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name and description (hiring humans or AI agents, platform selection, vetting, contracts, payments) match the included documents (platforms.md, contracts.md, legal.md, physical.md, agents.md). There are no unexpected environment variables, binaries, or install steps requested that would contradict the stated purpose.
Instruction Scope
SKILL.md and the included files stay on-topic (platform selection, vetting, contract templates, agent orchestration, physical task verification). They instruct the agent to route tasks to other agents, make platform API calls, dispatch humans for physical tasks, and require logging/audit trails. The instructions do not instruct the agent to read unrelated system files or hidden endpoints, but they do implicitly assume the agent may have access to platform/payment APIs and authorization at runtime (e.g., dispatching, escrow/stablecoin payments).
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing will be written to disk or downloaded by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which is consistent with an advisory/instruction-only skill. However the content references many third-party APIs (Upwork, Freelancer, RentAHuman.ai, stablecoins, etc.) that would require credentials to actually integrate. Users should not assume the skill will function autonomously without providing external credentials at runtime; any credentials supplied later should be scoped and limited.
Persistence & Privilege
The skill is not marked always:true and is user-invocable. Autonomous invocation defaults are unchanged. There is some operational risk if the agent that uses this skill is granted live payment/dispatch authority (the skill's instructions explicitly mention budget caps and 'agent should be authorized to dispatch immediately' for emergencies). That risk stems from agent permissions and credentialing, not from the skill itself.
Assessment
This skill appears to be a coherent hiring playbook and not malicious, but it assumes your agent may be connected to external platforms and payment methods. Before installing or enabling it: (1) do not provision broad payment credentials or full-control API keys to the agent—use limited-scope or test accounts; (2) configure hard budget caps and require human approval for payments above a small threshold; (3) test with low-risk/sample tasks first (no real money or sensitive data); (4) review the legal.md and contracts.md guidance and ensure tax/worker-classification compliance for your jurisdiction; (5) if you plan to enable autonomous dispatching of physical tasks, verify the reputation and insurance of the referenced platforms (e.g., RentAHuman.ai) and require proof-of-completion mechanisms (GPS/photo/video); (6) enable auditing/logging so you can review any actions the agent takes. These steps will reduce the main operational risks the skill implies.Like a lobster shell, security has layers — review code before you run it.
latestvk970cajtzc4j7ycrd68jgfhp0h81093v
License
MIT-0
Free to use, modify, and redistribute. No attribution required.