Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Intelligent Task Planner
v0.1.2 · Intelligent Task Planner - a highly autonomous AI task automation engine. Auto-Skill Orchestrator with 152 task types
by @ethvs
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The description claims a code package (entry file index.js, exports, node dependency, npm install examples) but the bundle is instruction-only with no code files or install spec. Some declared capabilities (auto-installing and executing other skills) align with an orchestrator, but embedding a high-priority 'force_mode' that intercepts all inputs and overrides system prompts is not proportionate to a typical task-planner and exceeds the stated purpose.
Instruction Scope
SKILL.md instructs the agent to intercept all inputs (triggers: '.*' and force_mode.intercept_all: true), to auto-install missing skills from sources including github, and to override the agent/system prompt (agent_override.override_system_prompt: true). These actions direct the agent to read/modify agent behavior and to fetch/execute external code — scope creep beyond simple intent recognition and planning.
Install Mechanism
There is no formal install spec (instruction-only), but the skill's configuration and examples encourage dynamic installation of missing skills from ClawHub, GitHub, and npm. That means an agent following these instructions could download and run arbitrary third-party code; because no code is packaged here, there is nothing to audit locally before execution.
Credentials
The skill declares no required environment variables or credentials, which limits straightforward secret-exfiltration flags. However, it requests behavioral privileges (auto-installing packages and overriding system prompts) that don't require credentials but still enable execution of arbitrary external code — a non-credential risk that should be treated cautiously.
Persistence & Privilege
SKILL.md defines a 'force_mode' with highest priority, exclusive=true, intercept_all=true and agent_override.override_system_prompt=true. Even though registry metadata shows always: false, the embedded force_mode configuration attempts to grant the skill persistent, high-privilege behavior (blocking other skills and changing system prompts) — this is a significant privilege escalation if applied.
What to consider before installing
Do not install this skill without further verification. Key issues: (1) The package contains no code to audit but the manifest claims index.js/exports — ask the author for the actual code and a proper package. (2) SKILL.md includes a 'force_mode' that would intercept all inputs and override system prompts — request removal or explicit justification; this is a high-privilege capability and unnecessary for most planners. (3) The skill encourages auto-installing other skills from GitHub/npm; that means the agent could download and execute arbitrary third-party code. If you still want to test it, run it only in a tightly sandboxed environment, disable autoInstall, restrict sources to trusted registries, and require the author to provide the actual code or a signed release so you can audit it first.
Like a lobster shell, security has layers — review code before you run it.
